It's  VoIP  season 


3Com,  EarthLink  and  start¬ 
up  Adomo  are  among  those 
readying  new  products  for  converged  nets.  PAGE  11. 


Feel  the  burn 

Businesses  installing  FbE  gear  for  IP  telephony  or  Wi¬ 
Fi  access  points  are  finding  that  the  extra  electricity 
those  technologies  require  are  a  hot  topic.  PAGE  19. 


SCO  server  test 

The  SCO  Group’s  OpenServer  6 
has  new  security  features,  but 
still  has  some  rough  edges.  PAGE  37. 
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What  summer  break? 

Net  projects  have  kept  higher-ed  IT  pros  cramming. 

BY  JOHN  COX 

ummer  vacation 
has  a  special 
meaning  for  net¬ 
work  professionals 
at  U.S.  colleges  and 
universities. 

It  means  redoubling 
efforts  to  get  big  pro¬ 
jects  finished  before 
students  and  faculty 
return  in  the  fall. 

This  year,  as  last  year,  many  of  the  summer  vacation  priorities 
in  higher  education  focus  on  network  and  end  user  security  But 
addressing  campus  security  is  becoming  even  more  complex 
and  urgent  because  networks  and  computing  have  become 
more  central  to  education  —  not  simply  in  administration  and 
operations  but  also  in  teaching  and  learning. 

Many  schools  now  need  three  critical  components  for  this 

See  Summertime,  page  14 


August  29,  2005  ■  Volume  22,  Number 34 


BY  DENISE  DUBIE 

BOSTON  —  IBM  Tivoli  executives  last  week  said 
the  company  would  by  year-end  deliver  software  to 
keep  tabs  on  service-oriented  architecture-enabled 
applications. 

The  company  detailed  IBM  Tivoli  Composite 
Application  Management  (ITCAM)  for  SOA  software 
to  some  3,000  attendees  at  the  Share  user  group  con¬ 
ference.  ITCAM  will  be  able  to  monitor  SOA  service 
and  application  performance,  and  will  give  network 
operations  staff  views  into  the  status  of  underlying 
infrastructure  components,  such  as  middleware  and 
application  servers,  IBM  says.  The  company’s 
announcement  follows  HP’s  June  introduction  of 
Open  View  SOA  Manager. 

Managing  SOA  environments  has  until  recently 
been  the  purview  of  start-ups  and  smaller,  applica¬ 


tion-specific  vendors,  but  the  arrival  of  IBM,  HP  and 
others  indicates  a  significant  broadening  of  the  mar¬ 
ket.  According  to  a  July  survey  of  100  CIOs  by 
Goldman  Sachs,  87%  use  Web  services  now  and  54% 
plan  to  deploy  infrastructure  to  support  SOA  by  year- 
end. 

“Web  services  and  SOA  management  is  getting  into 
more  than  just  up-and-running  alerts  on  individual 
SOA  projects,”  says  Randy  Heffner,  a  vice  president  at 
Forrester.  “Customers  want  to  manage  everything 
from  security  to  policies  across  an  enterprise-scale 
SOA.The  [niche  vendors]  dove  in  quickly  and  have 
more  time  on  the  ground,  but  the  big  vendors  will 
be  able  to  deliver  a  more  complete  solution  in  the 
long  run.” 

For  Erik  Sargent,  Web  application  architect  at 

See  SOA,  page  12 


Google  dives  deeper  into  networking 


BY  JENNIFER  MEARS  AND 
JOHN  FONTANA 

No  longer  content  with  index- 
ing  billions  of  items  on  the  Web, 
Google  during  the  past  year  or  so 
has  been  expanding  its  offerings 
into  areas  such  as  desktop 
search,  3-D  mapping  and  loca¬ 
tion-aware  services. 


And  last  week  it  took  a  step  into 
the  world  of  telephony  services, 
launching  its  Google  Talk  instant 
messaging  and  VoIP  chat  service. 
This  latest  move  is  just  part  of  the 
company’s  expansion  into  the 
corporate  computing  realm. 

Earlier  this  summer,  Google 
made  a  strategic  investment 


in  broadband-over-powerline 
service  provider  Current  Com¬ 
munications  Group,  and  rumors 
are  circulating  that  it  aims  to  con¬ 
struct  a  nationwide  fiber-optic 
network  that,  among  other  things, 
could  support  free  Wi-Fi  access 
for  all. 

A  Google  spokeswoman  would 
not  comment  on  the  company’s 
plans,  except  to  say  that  it  is  “con¬ 
tinually  exploring  opportunities 
to  expand  our  offerings.” 

“We  are  continually  developing 
new  technologies  to  help  users 
find  and  access  the  information 
they  need.  We  release  all  of  our 
products  and  services  with  our 
users  in  mind,  and  we  remain 
See  Google,  page  45 


reincarnation 


The  application  service 
provider  frenzy  may  have  died 
out,  but  the  concept  lives  on 
among  second-generation 
companies  offering  software 
as  a  service.  Law  firm  Allen 
Matkins  relies  on  several  host¬ 
ed  applications,  says  Frank 
Gillman,  vice  president  of 
technology  at  the  company. 


STEPHANIE  DIANI 


Microsoft 


efGET  THE  FACTS. 


RADIOSHACK  COMPARED  TCO  AND  FOUND  WINDOWS  SERVER  SYSTEM 
WILL  SAVE  THEM  MILLIONS. 


"In  upgrading  our  aging  UNIX-based  servers,  we  considered  both  Windows  Server™  and 
Linux.  Windows  Server  System™  offered  several  advantages,  including  the  ability  to  consolidate 
our  in-store  servers  by  50%  from  10,200  to  5,100 — and  a  savings  of  several  million  dollars 
in  hardware,  software,  systems  management,  and  support  costs"  /jz\  _  „ 

-Ron  Cook,  Vice  President  and  Chief  Technology  Officer,  RadioShack  3  ,0  ac 

For  these  and  other  third-party  findings,  go  to  microsoft.com/getthefacts 
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NetVanta  1224/1224ST  Series 

Managed  Fast  Ethernet  and 
Powered  Ethernet  Switches 


NetVanta  1524ST 

Managed  Gigabit  Ethernet  Switch 


802.3af 
Power  over 
Ethernet 


The  right 
technology 

(at  the 
right  price). 


NetVanta  Switches,  Routers,  and  VPN  Solutions. 
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NetVanta  1224R/1224STR  Series 

All-in-One  Access  Platform  with 
Switch/Router/Firewall/VPN/DSU/CSU 


NetVanta  340 

Business-class  ADSL2+  Router 


NetVanta  3200 

Modular  2xT1/ADSL2+  Branch  Office 
Routers  with  Firewall/VPI\l/Voice/Dial  Backup 


NetVanta  3205/3305/4305 

Modular  2xT1/3xT1/8xT1  Routers  with 
Firewall/VPN/Voice/Dial  Backup 


NetVanta  5305 

Modular  2xT3  Router  with  Firewall/VPN 


NetVanta  2050/2054/2100 

Flome  Office/Small  Office  VPN  Gateways 
with  Firewall/Multi-Port  Switch 


NetVanta  2300/2400 

Medium  to  Large  Office  VPN 
Gateways  with  Firewall 


Lower  network 
costs  without 
compromising 
quality,  performance, 
or  support  —  with 
NetVanta. 


Is  voice  and  data  networking  costing  you  more  than  it  should? 

You  no  longer  have  to  pay  premium  prices  for  brand  name 
gear  to  perform  customary'  internetworking  tasks.  With  the 
NetVanta  Series  from  ADTRAN  ®,  you  can  implement  the  exact 
internetworking  functionality  you  need,  at  a  cost  that’s 
often  50%  less  than  competing  brand  name  solutions. 
Choose  from  switching,  routing,  and  VPN  platforms. 
Modular  chassis  and  deep  product  lines  let  you  pick 
and  choose  just  the  right  solution  for  any  application — 
data,  voice,  VoIP,  Internet,  backup,  and  management — 
across  networks  ranging  from  56  kbps  to  GigE.  Every 
solution  is  backed  by  a  100%  satisfaction  guarantee  from 
ADTRAN,  unlimited  telephone  technical  support  (before  and 
after  the  sale),  free  firmware  upgrades,  and  a  full  5-year  warranty. 

Why  pay  more  (when  you  don’t  have  to)? 


Register  to  win  a  free  NetVanta  1224STR  now! 

www.adtran.com/rightprice 


Have  a  question  about  network  design?  How  to  implement 
VoIP  in  your  network?  Our  network  engineers  are  standing  by. 

800  597  9602  Technical  Questions 
877  280  8416  Where  to  Buy 


05  ADTRAN  Inc.  All  rights  reserved.  ADTRAN  and 
.eivantaare  registered  trademarks  of  ADTRAN,  Inc.  Five-year  warranty 
applies  in  North  America  and  Europe.  EN89D061305NW 
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Logitech’s  wireless  headphones  let 
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music  player  without  missing  a  beat. 
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NW  Radio:  Windows  worms  and  flaws 

With  multiple  worms  released  to 
exploit  the  recently  patched 
Windows  Plug  and  Play  flaw  and 
new  details  on  an  Internet  Explorer 
vulnerability  that's  not  patched, 
users  and  administrators  have  a 
lot  on  their  plates.  Listen  in  as 
Johannes  Ullrich  of  the  Internet 
Storm  Center  and  Eric  Yoshizuru  of 
Panda  Software  discuss  the  latest 
security  threats.  DocFinder:  8654 

IT  Borderlands:  Technographer? 

Ken  Fasimpaur  has  been  in  IT  for  10 
years,  yet  he'd  never  heard  of  the 
job  position  "technographer."  Until 
now.  What  weird  job  titles  have  you 
seen?  And  see  how  one  technogra¬ 
pher  responds. 

DocFinder:  8655 


Forum:  Looming  IT  staff  shortage? 

Is  there  one?  If  so,  who's  to  blame 
and  what  to  do  about  it?  Join  the 
debate  on  the  issue. 

DocFinder:  8656 

Forum:  Open  Wi-Fi 

Mark  Gibbs  suggests  that  people 
who  leave  their  access  points  open 
should  be  convicted  —  and 
hanged.  Readers  react:  add  your 
comments.  DocFinder:  8657 

Letters,  we  get  letters: 

Head  online  to  see  what  readers  say 
about  whistle-blowers  like  Michael 
Lynn,  the  blurring  of  the  line 
between  work  and  personal  time, 
commoditized  wireline  services  and 
the  decline  of  trade  shows. 
DocFinder:  8658 


Online  help  and  advice 

Nutter's  Help  Desk 

Help  Desk  guru  Ron  Nutter  helps  a 
user  figure  out  how  best  to  build  a 
VoIP  network  across  three  locations. 

DocFinder:  8659 

Small  Business  Tech 

James  Gaskin  takes  Watchguard's 
Firebox  X  Edge  firewall  router  out 
for  a  spin  and  says  it  needs  work. 

DocFinder:  8660 


Home  Base 

Sandra  Gittlen  discusses  how  Web 
conferencing  is  becoming  a  vital  tool 
even  for  the  smallest  of  businesses. 

DocFinder:  8661 

Need  more  help? 

Our  How  To  page  links  to  scores  of 
helpful  hints  from  Dr.  Internet, 
Nutter's  Help  Desk  and  Gearhead. 

DocFinder:  8662 


Seminars  and  events 


Vortex2805 

Vortex2005:  Setting  the  IT  Agenda  will  deliver  straight  talk  from  the  leaders 
of  AT&T,  EMG,  HP,  Intel,  Microsoft,  Sun  and  others  on  security,  collaboration, 
IT  flexibility  and  more  at  the  annual  gathering  of  the  key  stakeholders  in 
enterprise  IT.  DocFinder:  8556 


BREAKING  NEWS 

Go  online  for  breaking  news  every  day.  DocFinder  1001 


Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key  network  topics. 

DocFinder  1002 


What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and  resources 
online.  Simply  enter  the  four-digit  DocFinder  number  in 
the  search  box  on  the  home  page,  and  you’ll  jump  directly 
to  the  requested  information. 


6  •  www.networkworld.com  •  8.29.05 


NEWSbits 


Microsoft  and  the  FBI:  The  new  Untouchables? 

■  Microsoft  teamed  with  the  FBI  to  help  bring  down  an  alleged  phisher.  Jayson 
Lucas  Harris  pleaded  not  guilty  in  an  Iowa  court  last  week  to  charges  of  scamming 
computer  users  with  fake  e-mail  notices  from  Microsoft.  He  was  charged  with  75 
counts  of  wire  fraud  in  the  phishing  scam.  According  to  court  documents,  Harris 
for  1 1/2  years  tried  to  scam  MSN  users  into  sending  credit  card  information  via  a 


TheGoodTheBadTheUgly 

AMD  takes  Intel  fight  public.  What's  not  to  like 

about  two  big  industry  competitors  going  at  it  in  front  of  everybody? 
Advanced  Micro  Devices  has  challenged  Intel  to  a  public  fight  to  see 
which  company  has  the  best-performing  64-bit  dual-core  server 
processors.  The  company  placed  advertisements  in  mqjor  U.S.  news¬ 
papers  last  week  proposing  a  contest  that  would  pit  the  fastest  serv¬ 
er  based  on  a  dual-core  AMD  processor  with  the  fastest  server  based 
on  an  equivalent  chip  from  Intel.  No  word  yet  on  whether  Intel  is  in. 


fake  Web  site.The  messages  were  addressed  “Dear  MSN  Customer”  and  appeared  to 
be  from  “billing@msn.com.”  Reportedly  one  such  e-mail  went  to  the 
mother-in-law  of  a  Microsoft  employee,  who  passed  it  on  to  the 
company’s  lawyers.The  case  was  the  first  of  more  than  100  brought 
by  Microsoft  against  suspected  phishers.  A  trial  is  set  for  October. 
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Spamalot  not 

■  Three  people  accused  of  sending  massive  amounts 
of  spam  face  possible  prison  sentences  after  being 
indicted  by  a  grand  jury  in  Arizona  and  accused  of 
violating  the  Can-Spam  Act  of  2003  and  other  charges, 
the  U.S.  Department  of  Justice  says.  Named  in  the 
indictment  are  Jennifer  R.  Clason,  Jeffrey  A.  Kilbride 
and  James  R.  Schaffer.  The  three  are  accused  of  send¬ 
ing  spam  that  advertised  pornographic  Web  sites, 
according  to  a  Justice  Department  statement.  They 
could  make  money  from  commissions  the  Web  sites 
paid  in  return  for  directing  traffic  to  the  sites.  The 
defendants’  operation  was  ranked  as  one  of  the  200 
largest  sources  of  spam  on  the  Internet  by  The 
Spamhaus  Project,  a  group  that  tracks  and  battles 
spam.  AOL  received  more  than  600,000  complaints 
between  late  January  and  early  June  last  year  related 
to  spam  from  the  operation. 


“We  shouldn’t  take  the  lead 
from  Korea  or  Japan  or  India; 
we  should  start  to  have  visions 
of  our  own.” 

Bill  Owens,  Nortel  CEO,  speaking  about  the  U.S.  government’s 
need  for  a  new  broadband  strategy. 


with  Fiorina,  but  it’s  a  good  bet  she  isn’t  writing  the 
book  for  the  money  Fiorina  picked  up  $21  million  in 
cash  as  a  severance  payment  when  she  left  HP 


Dissing  Sarbanes-Oxley.  Members  of  IBM's  Share 
user  group  were  asked  to  imagine  them¬ 
selves  being  transported  to  2015  and  then 
looking  back  at  2005  and  what  they 
thought  in  retrospect  would  prove  to  be 
either  an  ineffective  or  wasteful  use  of 
their  IT  time.  Twenty-eight  percent  of  the 
444  polled  cited  Sarbanes-Oxley  compli¬ 
ance,  followed  by  deployment  of  unproven 
technologies  (23%),  and  purchase  of 
unneeded  technologies  (19%). 

<  Zero  day  attacks  on 

the  way.  The  recent  Zotob  worm  and 
its  variants  show  once  again  that  hackers 
are  exploiting  software  vulnerabilities 
faster  than  ever.  Sal  Viveros,  security  strategist  with  McAfee,  told 
Computing  South  Africa  that  "In  terms  of  a  zero  day  attack,  where  a 
vulnerability  is  announced  by  the  manufacturer,  and  the  threat  is  cre¬ 
ated  on  day  one,  we  think  that  this  is  right  around  the  corner." 


gated  by  military  and  civilian  law  enforcement,  after 
noticing  from  log  files  that  one  individual  was  access¬ 
ing  the  Air  Force  online  career-management  system 
an  inordinate  number  of  times.  The  affected  person¬ 
nel  were  advised  to  monitor  their  credit  reports  close¬ 
ly  for  signs  of  identity  thefts. 


Gash  and  Gariy 

■  Carly  Fiorina  has  reached  a  deal  to  pen  a  memoir 
about  her  dramatic  career,  which  went  on  hiatus  in 
February  following  her  ouster  from  HP  after  a  turbu¬ 
lent  five-year  run  as  the  company’s  chief  executive. 
Due  out  in  late  2006,  Fiorina’s  book  will  blend  writing 
about  her  career  with  her  views  on  topics  such  as 
leadership,  how  women  can  thrive  in  business  and 
how  technology  will  reshape  the  world,  her  publisher 
says.  Portfolio  didn’t  disclose  the  terms  of  its  contract 


Air  Force  personal  data  flies  away 

■Air  Force  officials  at  Randolph  Air  Force  Base  in  San 
Antonio,  Texas,  say  a  network  intrusion  there,  which 
they  believe  was  carried  out  in  May  or  June  by  some¬ 
one  using  a  legitimate  user’s  logon  information,  has 
resulted  in  the  data  theft  of  personal  information  of 
about  33,000  Air  Force  officers.The  data  breach  is  said 
to  include  Social  Security  numbers,  marital  status, 
number  of  children  and  academic  records.  The  Air 
Force  discovered  the  breach,  which  is  being  investi- 


Still  no  crying  for  Ebbers 

■  The  U.S.  Federal  Bureau  of  Prisons  has  ordered  for¬ 
mer  WorldCom  CEO  Bernie  Ebbers  to  serve  his  25-year 
prison  term  at  a  medium-security  facility  in  Oakdale, 
La.,  rather  than  a  less-tightly  guarded  location  closer  to 
his  home.  Federal  officials  made  the  decision  even 
after  U.S.  District  Judge  Barbara  S.  Jones  recommend¬ 
ed  that  Ebbers,  63,  be  sent  to  a  minimum-security 
prison  in  Yazoo  City,  Miss.,  near  his  family  and  friends. 
The  Louisiana  prison  is  200  miles  from  Ebbers’  home¬ 
town.  Ebbers  must  report  to  prison  by  Oct.  12. 

BEA  snaps  up  Plumtree 

■  BEA  Systems  has  agreed  to  buy  portal  software 
maker  Plumtree  Software  for  around  $200  million  in 
cash.  The  deal  removes  from  the  market  a  struggling 
company  analysts  long  expected  to  be  bought  by  a 
larger  vendor,  and  adds  to  BEAs  portfolio  a  new  line  of 
collaboration  software.  BEA  already  has  its  own  portal 
software,  WebLogic  Portal.  BEA  executives  say  they  see 
their  software  and  Plumtree  Portal  serving  two  differ¬ 
ent  audiences  —  developers  and  business  users. 


“Here  is  the  latest  gear  to 
wear  while  deploying  Vista. 


Randall  Diekmeyer  takes  the  prize  this  week  for  his  shot  at  Microsoft's  long- 
delayed,  next-generation  operating  system.  Check  back  Monday  for  the  start  of  a 
new  contest,  www.networkworld.com/weblogs/layer8 


WTake  charge.  Win  the  battle  and  take  control,  right  from  your  comfy  chair.  It’s  easy  to  conquer  the  challenges  of 
managing  serial  devices  in  the  data  center  with  the  CCM  serial  console  manager.*  When  used  with  DSView®  3, 
AVWorks®,  or  industry-standard  SSH/Telnet  client  software,  you  can  remotely  control  servers,  network  gear,  telco  and 
power  devices  from  a  single  interface.  With  proactive  alerts  and  offline  buffering 
you  can  remotely  diagnose  failed  devices  and  reduce  downtime  without  setting 
foot  in  the  data  center.  Visit  us  at  www.avocent.com/serialcontrol. 

*  Recliner  recommended,  but  not  Included. 


Avocent. 

The  Power  of  Being  There® 


Avocent,  the  Avocent  logo,  DSView,  AVWorks  and  The  Power  of  Being  There  are  registered  trademarks  of  Avocent  Corporation.  ©  2005  Avocent  Corporation. 
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Cisco  aims  to  simplify  switch  mgmt 

Catalyst  6500  software  upgrade  keeps  processes  isolated. 


BY  TIM  GREENE 

Cisco  is  upgrading  software  on 
its  Catalyst  6500  switches  so  indi¬ 
vidual  processes  on  the  devices 
run  separately,  allowing  cus¬ 
tomers  to  reboot  processes  with¬ 
out  taking  the  entire  switch 
offline. 

The  company  says  this  shift  to 
discrete  modular  processes 
makes  for  simpler  software 
upgrades  to  subsystems  of  the 
switch  that  support  processes 
such  as  TCR  User  Datagram 
Protocol  (UDP),  routing  and  FTP 

The  new  software  architecture 
is  also  designed  to  cut  the  time  it 
takes  to  check  software  upgrades 
such  as  patches  or  new  features, 
Cisco  says.  Because  such 
upgrades  can  be  accomplished 
via  alterations  to  individual 
processes  rather  than  to  the 
entire  image  of  Cisco’s  IOS  soft¬ 
ware,  customers  need  to  do  less 


testing  to  determine  if  upgraded 
processes  will  disrupt  other  func¬ 
tion,  Cisco  says.  The  company 
says  upgrades  can  be  done  to  the 
routing  module,  for  instance, 
while  the  switch  is  in  use  without 
dropping  a  packet. 

With  the  Catalyst  6500  software 


upgrade  comes  automation  of 
routine  maintenance  tasks,  as 
well  as  better  diagnostics  and  res¬ 
olution  of  network  problems  in 
conjunction  with  another  new 
software  feature  called  Em¬ 
bedded  Event  Manager  (EEM). 

Because  EEM  detects  more 


details  about  the  switches’ subsys¬ 
tems  than  SNMP  does,  it  can  auto¬ 
matically  respond  to  more  minor 
problems  based  on  policies  set 
by  customers.  So  if  a  given 
process  eats  up  more  CPU  capac¬ 
ity  than  the  policy  allows,  for 
example,  EEM  can  trigger  an 
automated  response.  EEM  can 
take  any  action  that  can  be  initi¬ 
ated  via  Cisco’s  standard  com¬ 
mand  line  interface. 

Running  processes  indepen¬ 
dently  on  switches  is  common  in 
carrier-grade  gear,  but  is  not  so 
widespread  in  business-class  net¬ 
work  equipment, says  Mark  Fabbi, 
a  vice  president  at  Gartner.  He 
says  that  Juniper  has  been  the 
notable  exception,  as  the  JunOS 
software  in  its  enterprise  switches 
hails  from  the  company’s  carrier- 
grade  switches  and  routers. 
Cisco’s  software  upgrade  is  a  big 
change,  Fabbi  says. 


“Before  this,  IOS  was  monolith¬ 
ic,”  he  says.  “If  you  want  to  patch 
one  tiny  thing,  it’s  an  IOS 
upgrade.” 

The  upgraded  offering  could 
have  an  impact  on  network  secu¬ 
rity  as  well,  Fabbi  says.  Customers 
might  be  more  likely  to  install 
Cisco  patches  sooner  because  it 
should  be  easier  to  do  and  the 
patches  won’t  have  the  potential 
broad  impact  on  other  subsys- 
tems.“People  are  reluctant  to  dab¬ 
ble  with  IOS  as  a  whole,”  Fabbi 
says. 

The  new  software  features  for 
Catalyst  6500  switches  are  sched¬ 
uled  to  be  available  in  the  fourth 
quarter  for  switches  using  Cisco’s 
Supervisor  Engine  720  and  in  the 
first  quarter  of  next  year  for 
switches  using  Supervisor  Engine 
32.  There  is  no  extra  fee  for  cus¬ 
tomers  with  a  SMARTnet  mainte¬ 
nance  contract.  ■ 


Changes  ahead  for  Microsoft’s  Virtual  Server 


BY  JOHN  FONTANA 

Microsoft  last  week  scrubbed  the 
Service  Pack  tag  off  the  next 
release  of  its  Virtual  Server  and 
said  the  software  would  now  be 
released  as  a  new  product  that 
will  carry  a  licensing  fee  for  some 
users. 

The  company  also  reaffirmed  its 
road  map  for  Virtual  Server,  saying 
it  will  continue  as  a  separate  prod¬ 
uct.  It  will  run  on  Longhorn  after 
Microsoft  directly  builds  virtualiza¬ 
tion  technology  into  Longhorn 
Server,  which  is  set  to  ship  in  2007. 
And  it  will  take  on  the  role  of  man¬ 
aging  multiple  virtual  machines 
running  on  a  single  box. 

Virtual  server  technology  lets 
multiple  operating  systems,  called 
guests,  run  on  one  physical 
machine  with  a  single  host  operat¬ 
ing  system.Virtual  Server  2005  runs 
Windows  Server  2003  as  its  host 
operating  system. 

What  was  introduced  in  April  as 
Virtual  Server  2005  Service  Pack  1 
is  now  being  renamed  Virtual 
Server  2005  R2.  Microsoft  uses  the 
R2  nomenclature  to  signify  an 
interim  product  upgrade. 

While  Virtual  Server  2005  Service 
Pack  1  would  have  been  made 


available  at  no-cost  via  download, 
users  without  Software  Assurance 
service  contracts  will  now  have  to 
buy  an  entirely  new  license  for  R2. 
Microsoft  did  not  say  what  the  cost 
would  be  for  that  license. 

Company  officials  say  they  con¬ 
sidered  the  free  vs.  cost  issue  and 
found  that  the  majority  of  Virtual 
Server  2005  customers  were  on 
Software  Assurance  support. 

“We  agonized  over  that  ques¬ 
tion,”  says  Zane  Adam,  director  of 
marketing  for  the  Windows  server 
division.“Since  this  product  sells  in 
the  enterprise  segment  and  has 


only  been  out  since  [fall],  the 
potential  of  a  having  a  large  cus¬ 
tomer  base  looking  for  Service 
Pack  1  is  not  really  existent.  If  this 
was  a  two-  or  three-year  cycle  we 
would  have  suffered  a  bit  more.” 

Adam  confirmed  that  the  feature 
set  for  this  next  release  of  Virtual 
Server  has  not  changed  since  the 
company  released  Service  Pack  1 
in  April.  Features  include  support 
for  non-Windows  virtual  machines 
such  as  Linux;  the  ability  to  use 
x64  editions  of  Windows  Server 
2003  as  a  host  operating  system; 
clustering  technology;  and  sup¬ 


port  for  guest  operating  system 
installation  via  a  network. 

What  has  changed,  Adam  says,  is 
Microsoft’s  long-term  commitment 
to  invest  in  and  continue  develop¬ 
ing  Virtual  Server. 

“Having  a  virtual  server  product 
separate  from  the  OS  makes 
sense,” says  Gordon  Haff,an  analyst 
with  Illuminata.  “Going  forward, 
basic  virtualization  capabilities 
will  be  built  into  Windows,  Linux 
and  other  operating  systems  so 
these  other  products  become  less 
about  splitting  up  a  server  and 
more  about  controlling  and  man¬ 


aging  the  virtual  machines  on  that 
server” 

Microsoft  says  the  build-up  to 
that  inevitability  would  include  a 
beta  release  of  another  full  version 
upgrade  of  Virtual  Server  in  the 
first  half  of  next  year  with  final 
shipment  at  the  end  of  the  year. 
The  release  will  represent  the  tran¬ 
sition  point  to  the  Longhorn  virtu¬ 
alization  technology  that  will 
include  hypervisor,  an  optimized 
operating  system,  or  microkernel, 
built  into  the  virtualization  plat¬ 
form  designed  to  provide  better 
performance  and  scalability.  ■ 


Virtual  Server  reality  check 

Microsoft  has  made  virtualization  one  of  its  key  investment  areas  and  plans  to  develop  it  as  a  core  part  of  its  operating  system  along  with 
technology  to  manage  and  monitor  virtual  machines  running  on  Windows. 


February  2003 

Buys  Connectix  for  its  virtual  server  and 
virtual  PC  technology. 

I.  |  r~j  r-y-j  r- T 


April  2005  2006 

CEO  Steve  Ballmer  announces  Virtual  Server  Service  Plans  to  skip  another  version  of  Virtual  Server,  with  a  beta  slated  for  the 
Pack  1  and  says  it  will  support  Linux.  first  half  of  the  year  and  final  release  in  the  second  half. 

I  , _ I _ _ 


2003 


September  2004 

Releases  first  version  of 
Virtual  Server. 


2004  f  2005 

August  2005 

Drops  Service  Pack  tag  and  names  next  version 
of  Virtual  Server  2005  R2. 


1  2006  )  2007  f 

2007  | 

Longhorn  Server  will  include  built-in  virtualization  technology  similar  to  Virtual  Server, 
which  will  continue  as  a  product  but  focus  on  management  and  monitoring. 
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WiredRed  adds  conferencing  to  Office  apps 


BY  JOHN  FONTANA 

Real-time  communications  ven¬ 
dor  WiredRed  last  week  integrat¬ 
ed  its  Web  and  videoconferenc¬ 
ing  software  with  Microsoft’s 
Office  applications. 

The  combination  of  WiredRed  s 
e/pop  Web  Conferencing  and 
Office  lets  users  begin  a  confer¬ 
encing  session  with  just  one  click 
from  within  any  of  the  applica¬ 
tions  in  that  suite,  including  Word, 
Excel  and  Outlook. 

Building  access  to  collabora¬ 
tion  features  directly  into  produc¬ 
tivity  applications  is  a  trend 
among  vendors,  including 
Microsoft  and  IBM/Lotus.  The 
goal  is  to  give  users  access  to  real¬ 
time  communication  tools  with¬ 
out  using  a  separate  application 
interface. 

The  software  adds  a  quick-start 
button  to  Office  applications, 
which  provides  access  to  video, 
VoIP  application/document  shar¬ 
ing  and  presentation  sharing. 
Users  also  can  exchange  Outlook 
calendar  invitations  so  invitees 
can  confirm  scheduled  confer¬ 
ences  or  join  those  conferences 
from  links  within  their  calendars. 

The  highlight  is  support  for 
multi-point  conferences,  which 
let  three  or  more  users  connect  to 
a  single  conference  from  any¬ 
where  on  an  internal  network  or 
the  Internet.  In  addition, users  can 
run  WiredRed’s  software  in-house 
without  any  need  for  a  service 
provider. 

“WiredRed  is  ahead  of  the 
game  when  it  comes  to  multi¬ 
point  capabilities  integrated  with 
Office  and  totally  ahead  if  you 
want  to  run  that  application 
behind  your  firewall,”  says  Andy 
Nilssen,  senior  analyst  and  part¬ 
ner  with  Wainhouse  Research. 
“And  one  thing  that  does  jump 
out  is  that  they  also  do  [instant 
messaging] .  There  are  going  to 
be  some  very  interesting  integra¬ 
tion  possibilities  going  forward 
when  you  control  both  the  real¬ 
time  conferencing  and  IM  and 
presence  technology.  Microsoft 
does  that  although  they  have  yet 
to  do  the  integration.  Lotus  does 
it  and  WiredRed  does  it.  It’s  a 
small  club.” 
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WiredRed  not  only  competes 
with  Microsoft  and  IBM/Lotus  but 
also  with  smaller  vendors,  includ¬ 
ing  Linktivity  and  Macromedia. 

Office  integration  is  the  latest  in 
a  number  of  enhancements 


WiredRed  has  made  to  e/pop 
Web  Conferencing,  including  sup¬ 
port  for  Firefox  and  Mozilla-based 
browsers;  record  and  playback 
that  lets  users  capture  entire  con¬ 
ferencing  sessions  in  a  variety  of 


formats;  and  video  and  VoIP  fea¬ 
tures  to  support  conferences  with 
10  or  more  users. 

The  e/pop  Web  Conferencing 
software,  which  functions  as  both 
a  VPN  and  a  router  in  order  to 


support  multi-user  conferencing, 
runs  on  Windows  Server  2003  and 
is  available  now.  It  is  priced  at 
$3,000  and  is  also  available  as  a 
hosted  service  beginning  at  $350 
per  month.  ■ 


NETWORK  MANAGEMENT  POWERFUL 
ENOUGH  TO  DO  EVERYTHING 

IS  TOO  COMPLEX  TO  DO  ANYTHING. 

Don’t  get  stuck  with  more  than  you’ll  ever  use  and  less  than  you  need. 
Ipswitch  WhatsUp”  Professional  is  designed  specifically  for  small-  and 
medium-sized  businesses.  So  you  get  essential  network  management 
without  high  administrative  costs  and  effort.  Featuring  comprehensive 
alerts,  automatic  device  mapping,  detailed  trend  reports  and  secure 
remote  access  -  it’s  a  smarter  solution,  instead  of  a  bigger  one. 

Ipswitch  WhatsUp  Professional. 

It  just  works. 
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Symantec  revamps  multi-purpose  boxes 

Company's  gateway  security  family  features  higher  throughput,  SSL  VPN  termination. 


Multi-purpose  gateways 

A  summary  of  the  Symantec  Gateway  Security  5600  series: 


Product 

Max.  Users 

Throughput 

Pricing 

SGS  5620 

500 

600M  bit/sec 

$4,000  to  $19,000 

SGS  5640 

2,500 

1.4G  bit/sec 

$5,000  to  $21,000 

SGS  5660 

5,000 

3G  bit/sec 

$11,000  to  $35,000 

Note:  All  of  the  appliances  support  firewall,  anti-virus,  anti-spam, 
intrusion  detection,  Web  content  filtering,  IPSec  and  SSLVPNs. 


^  Symantec 


BY  ELLEN  MESSMER 

Symantec  this  week  plans  to 
unveil  three  all-in-one  gateways 
that  combine  VPN/firewall,  anti¬ 
spam,  anti-virus,  Web  filtering 
and  other  security  functions. 

The  Symantec  Gateway  Secu¬ 
rity  (SGS)  5600  Series  boasts 
throughput  of  up  to  600M  bit/sec 


BY  ELLEN  MESSMER 

FaceTime  next  month  plans  to 
ship  an  anti-spyware  product  that 
will  let  users  block  adware  and 
malicious  code  at  the  desktop 
and  gateway  as  well  as  prevent 
unauthorized  instant  messaging 
and  peer-to-peer  file  sharing. 

FaceTime  Enterprise  Spyware 
Prevention  will  include  a  central 
management  console  for  config¬ 
uration  of  the  desktop  software 
and  gateway  as  well,  as  a  server- 
based  collection  point  for  event- 
related  data  to  generate  reports. 
With  many  businesses  evaluat¬ 
ing  anti-spyware  products  for 
purchase,  FaceTime  enters  a 
race  joined  by  anti-virus  offer¬ 
ings,  gateway  spyware  filters 
such  as  Blue  Coat  and  pure-play 
desktop  anti-spyware  such  as 
Webroot  Software. 

Expanded  focus 

Until  now  FaceTime’s  focus  has 
been  its  Real-Time  Guardian  gate¬ 
way  for  filtering  peer-to-peer  and 
IM  traffic  for  businesses  that 
regard  it  as  a  security  threat. 

But  gateway  filtering  isn’t 
enough,  says  John  Christensen, 
FaceTime’s  CTO,  because  “when  a 
user  takes  a  laptop  from  behind 
the  gateway,  it  can  get  infected 
with  spyware.” 

The  desktop  component  of  the 
FaceTime  Enterprise  Spyware 
Prevention  product  originated 
with  software  from  Xblock 
Systems,  a  start-up  making  con¬ 
sumer  anti-spyware  desktop  soft¬ 
ware  that  FaceTime  acquired  in 
May  FaceTime  is  adapting  it  for 
the  enterprise  by  adding  manage¬ 
ment  capability 


on  the  low  end  and  3G  bit/sec 
on  the  high  end.  With  improved 
hardware,  the  SGS  5600  doubles 
the  speeds  obtained  in  the  5400, 
line  introduced  two  years  ago, 
but  without  a  price  increase  (see 
graphic). 

The  products  will  compete 
with  offerings  such  as  Cisco’s 


The  anti-spyware  client  also  will 
support  detection  of  IM  and  peer- 
to-peer  traffic,  and  applications 
such  as  Anonymizer  and  Skype, 
which  may  be  off  limits  for  corpo¬ 
rate  use. 

FaceTime’s  customers  who 
have  used  the  Real-Time  Guard¬ 
ian  appliance  for  blocking  IM 
and  peer-to-peer  traffic  say  they 
plan  to  evaluate  Enterprise 
Spyware  Prevention  for  use  in 
their  corporations. 

However,  with  the  growing  num¬ 
ber  of  enterprise  anti-spyware 
products  on  the  market, some  cor¬ 
porations  are  considering  prod¬ 
ucts  that  may  take  them  in  a  dif¬ 
ferent  direction  to  combat  spy- 
ware  on  the  desktop. 

“We’re  also  considering  the  anti¬ 
virus  vendors  and  looking  at  the 
anti-spyware  products  they  have 
available,”  says  Rex  Voorheis, 
senior  manager  of  network  infra¬ 
structure  at  public  accounting 
firm  Crowe  Chizek,  in  Indian¬ 
apolis,  which  uses  the  FaceTime 
gateway  to  block  IM  and  peer-to- 
peer  traffic. 

The  company  views  spyware  as 
a  growing  threat  to  the  2,000  desk¬ 
tops  in  its  20  offices,  and  plans  to 
enhance  its  current  management 
and  update  control  products. “We 
may  end  up  with  a  combination 
of  products  for  spyware  protec¬ 
tion, ’’Voorheis  says. 

FaceTime  Enterprise  Spyware 
Prevention  starts  at  $4,500  for  50 
users.  ■ 
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ASA  5500  Series  and 
Fortinet’s  FortiGate. 

The  hardware  for  the  SGS 
5600  Series  contains  a  dual¬ 
disk  and  swappable  power 
supply  with  failover  and 
load-balancing  support,  says 
Michele  Araujo,  senior  prod¬ 
uct  manager. 

In  addition  to  higher 
speeds,  the  new  SGS  models 
add  features  such  as  SSL 
VPN  termination  (IPSec-  I 
based  VPN  support  was 
already  included  in  the  5400 
gateways). 

Also  new  is  a  way  to  check  *] 
that  a  desktop  wanting 
access  through  the  gateway 
is  running  a  properly  configured 
firewall  or  has  updated  anti¬ 
virus  signatures.  The  catch, 
though,  is  that  an  end  user 
would  have  to  be  running 
Symantec’s  anti-virus  products 
and  desktop  firewall,  such  as 
Symantec  Client  Security,  for  this 
policy-based  access  control  to 
be  effective. 

Another  upgrade  is  that  the 


URL  filter  can  now  be  set  up  to 
block  Web  sites  based  bn  a  spe¬ 
cific  word  or  phrase,  rather  than 
just  a  URL. 

All-in-one  Internet  gateways 
have  their  pluses  and  minuses. 
On  the  plus  side,  they  mean 
fewer  boxes  to  worry  about.  On 
the  minus  side,  they  can  be  chal¬ 
lenged  to  keep  up  with  end-user 
demand,  resulting  in  less  than 


desirable  performance. 

A  Forrester  Research  survey  of 
653  IT  managers  earlier  this  year 
found  that  less  than  one  in  five 
voiced  preference  for  multi-func¬ 
tion  appliances,  mainly  because 
of  worries  about  a  lack  of  horse¬ 
power. 

“It  will  take  time  for  people  to 
catch  on  to  the  benefits,”  says 
Forrester  analyst  Paul  Stamp.  ■ 


Stonefly  to  roll  out  SAN  starter  kit 


BY  DENI  CONNOR 

Stonefly  Networks  this  week  is  expected  to  launch 
an  entry-level  IP  storage-area  network  that  provides 
an  alternative  to  pricier  Fibre  Channel  offerings. 

ValueSAN,  which  starts  at  $9,000,  consists  of  a 
Stonefly  i3000  Storage  Concentrator  and  an  array  of 
Serial  ATA  disk  drives.  The  concentrator  connects  to 
the  LAN  via  Gigabit  Ethernet  and  to  the  storage  array 
via  SCSI.  A  Gigabit  Ethernet  adapter  with  an  iSCSI  dri¬ 
ver  is  installed  on  each  Windows,  Linux  or  Unix  host 
computer,  which  connect  to  the  array. 

Cost  was  one  of  the  factors  that  pushed  Darin  Soli, 
CIO  at  Ace  Asphalt  in  Phoenix,  to  an  IP  SAN  from 
Stonefly  He  says  Dell  initially  pushed  him  toward 
working  with  EMC,  a  Dell  partner. 

“We’re  a  $75  million  company  with  300  employees 
and  EMC  just  doesn’t  fit  the  economic  model,”  he 
says.“We  were  looking  for  something  more  cost-effec¬ 
tive.  Dell  recommended  Stonefly  for  a  mid-market 
solution.”  . 

Stonefly’s  use  of  iSCSI  rather  than  Fibre  Channel 
was  another  important  factor  in  his  decision  to 
implement  the  company’s  technology  Soil  says. 

“We  don’t  have  Fibre  Channel  expertise,”  he  says. 
“With  Stonefly  we  are  just  basically  working  with 
Gigabit  Ethernet.” 

IT  administrators  use  software  supplied  with 
ValueSAN  to  manage,  configure  and  provision  the 
array  The  software  includes  the  ability  to  take  snap¬ 


shot  copies  of  the  data  or  mirror  the  data  for  disaster 
recovery  purposes. 

“We  can  monitor  volume  status,  we  can  expand 
volumes  and  add  them,”  Soil  says.  ‘As  our  storage 
needs  increase  we  can  go  out  and  expand  volumes.” 

Stonefly  says  it  competes  most  often  with  ven¬ 
dors  such  as  Dell/EMC,  HP  and  IBM.  IBM  recently 
introduced  the  DS400  Fibre  Channel  array  and  a 
10-port  switch  that  the  company  bundles  for 
$16,376  with  500G  bytes  of  storage.  EMC  and  HP 
also  have  low-priced  SANs.  EMC’s  dual-controller 
AX100  with  four  Fibre  Channel  host  bus  adapters 
starts  at  $10,600. 

The  starting  configuration  for  ValueSAN  includes 
six  drives  for  a  capacity  of  960G  bytes.  Disk  drives  can 
be  added  to  increase  the  capacity  to  nearly  2T  bytes 
in  a  single  enclosure. Additional  capacity  is  available 
by  stacking  arrays.  The  drives  in  ValueSAN  can  be 
changed  out  or  added  without  interrupting  cus¬ 
tomer  applications.  ■ 


NEWS  ALERTS 

Hate  hunting  for  stories  on  a  specific  topic?  Let  the  news  come  to  you  with 
Ustvai;  Htoift  latest  news  alerts — with  focuses  on  security,  financials, 
standards,  trade  show  news  and  vendor-specific  news. 
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VoIP  season  about  to  heat  up 

EarthLink,  3Com  among  those  readying  offerings. 


Adomo  Voice  Messaging  for  Exchange  supports  IP  voice  mail. 


BY  TIM  GREENE 

September  should  be  a  big 
month  for  VoIP  technology,  with 
vendors  expected  to  launch  a 
host  of  offerings  at  a  pair  of  big 
trade  shows  focused  on  con¬ 
verged  networks. 

With  VoiceCon  opening  today 
in  San  Diego  and  Voice  on  the 
’Net  (VoN)  scheduled  for  Sept. 
19-22  in  Boston,  equipment  mak¬ 
ers  and  service  providers  are  lin¬ 
ing  up  in  preparation  for  what 
analysts  say  will  be  a  boom  time 
for  VoIP  services. 

According  to  a  new  Infonetics 
study  40%  of  customers  with 
broadband  Internet  connections 
also  will  buy  VoIP  service  by 
2008.  That  represents  24.3  million 
VoIP  customers,  up  from  1.1  mil¬ 
lion  last  year,  according  to  Kevin 
Mitchell,  the  Infonetics  analyst 
who  wrote  the  report. 

To  support  this  anticipated 
demand,  carriers  are  spending 
more,  Mitchell  says.  Infonetics 
numbers  indicate  that  voice 


providers  spent  18%  more  in  the 
second  quarter  of  this  year  than 
in  the  first  on  VoIP  gear,  the 
largest  quarter-to-quarter  jump 
ever.  The  $614  million  spent  in 
the  second  quarter  represents  a 
55%  increase  over  the  second 
quarter  of  2004,  the  study  says. 

Service  providers  are  now  look¬ 
ing  for  ways  to  draw  in  customers 
with  VoIP  so  they  can  then  sell 
them  more  converged  services 
down  the  road. 

For  instance,  EarthLink  is  beta 
testing  a  free  VoIP  service  that 
connects  customers  to  any 
other  Internet-connected  VoIP 
phone.  Called  Vling,  the  service 
is  based  on  SIPxua  open  source 
code  from  PingTel,  and  the 
alliance  will  be  announced  at 
VoiceCon. 

As  part  of  the  VoIP  service, 
EarthLink  is  offering  a  limited 
number  of  free  minutes  of  con¬ 
nection  time  to  phones  connect¬ 
ed  to  the  public  telephone  net¬ 
work.  EarthLink  hopes  customers 


will  like  the  service  and  be  will¬ 
ing  to  pay  for  public  switched 
telephone  network  connections 
after  the  free  minutes  run  out, 
says  Tom  Hsieh,  director  of  voice 
products  and  engineering  for  the 
company. 

But  Vling  is  more  than  just 
voice,  Hsieh  says.  Using  a  single 
ID,  EarthLink’s  Session  Initiation 
Protocol  (SlP)-based  service  can 
connect  customers  to  e-mail  and 
instant  messaging,  also  provided 
by  EarthLink. 

By  the  year-end,  EarthLink  also 


plans  to  offer  a  cut-rate  voice  ser¬ 
vice  in  conjunction  with  DSL 
provider  Covad  that  runs  the 
voice  traffic  over  their  IP  back¬ 
bones  to  save  on  costs. 

While  analysts  predict  more 
VoIP  services,  they  also  foresee 
increased  use  of  IP  voice  on  cor¬ 
porate  networks.  The  use  of  IP 
PBXs  is  poised  to  soar,  according 
to  a  study  by  In-Stat  that  predicts 
sales  of  these  devices  will  repre¬ 
sent  51%  of  all  PBX  sales  this  year 
and  grow  to  91%  worldwide  by 
2009. 


Hosted  service  simplifies  basic  RFID 


Profile:  Seeburger 


Location: 

World  headquarters  in  Bretten,  Germany,  north  of  Stuttgart;  U.S. 
office  in  Atlanta. 

Founded: 

1986 

Primary 

products: 

Seeburger  B2B  Gateway,  which  is  software  for  enterprise  application 
integration  and  B2B  integration;  RFID  Workbench,  software  for 
managing  RFID  data  and  hardware. 

Founder: 

Bernd  Seeburger,  currently  CEO  and  chairman. 

Finances: 

Privately  held;  does  not  disclose  revenues;  the  company  says  it  has 
seen  double-digit  growth  in  profits  for  the  past  10  years. 

Customers: 

6,500  globally,  including  200  in  the  U.S.  Among  them  are  Airbus, 
Kraft,  Toys  “R"  Us,  Volkswagen,  Whirlpool. 

Fun  fact: 

Company  meetings  in  Germany  invariably  feature  a  tent  outdoors, 
a  barbecue  of  German  sausages  and  music  from  an  oompah  band. 

BY  JOHN  COX 

Germany-based  Seeburger  AG 
will  next  month  unveil  a  hosted 
radio  frequency  identification  ser¬ 
vice  designed  to  let  companies 
jump-start  basic  RFID  programs 
without  breaking  the  bank. 

IDNet  automates  an  array  of 
basic  jobs  so  customers  can  con¬ 
centrate  on  tagging  merchandise 
with  labels  that  have  embedded 
RFID  tags. 

The  service  is  based  on 
Seeburger’s  RFID  Workbench  soft¬ 
ware,  an  application  designed  to 
support  everything  from  pilot 
RFID  projects  to  large-scale 
deployments.  Seeburger’s  B2B 
Gateway  makes  it  possible  to 
reach  out  to  a  range  of  enterprise  applications 
and  data. 

In  effect,  IDNet  customers  get  a  Web  inter¬ 
face  to  a  subset  of  RFID  Workbench  features 
that  let  them  translate  product  codes  —  for 
everything  from  clothing  to  office  furniture  — 
into  the  corresponding  Electronic  Product 
Codes  used  in  RFID,  and  print  these  out  as 
labels. 

The  printing  can  be  done  at  the  customer 
site  with  a  customized  Printronix  printer,  or 


through  a  service  bureau  arrangement  with 
Seeburger  partner  NCR. 

RFID-labeled  goods  are  increasingly 
required  by  retailers  such  as  Wal-Mart  and 
Target,  and  by  the  U.S.  Department  of  Defense. 
Unique  RFID  numbers  can  be  associated  with 
inventory  and  order  databases  and  allow 
retailers  to  track  where  items  are  and  how 
long  they  are  held. 

When  the  Defense  Department  is  involved, 
IDNet  can  be  used  to  format  and  send  the 


complex  advanced  shipping 
notice  (ASN)  that  the  Defense 
Department  requires.  The  service 
also  provides  an  audit  trail  and 
reports  on  such  things  as  shipping 
times.  An  optional  service  will 
check  the  RFID  tags  at,  for  exam¬ 
ple,  a  loading  dock  and  identify 
any  defective  tags  before  they’re 
put  onto  trucks. 

The  problem  with  RFID  man¬ 
dates,  says  Philip  Calderbank, 
Seeburger’s  vice  president  for 
RFID,  is  that  many  companies  fac¬ 
ing  the  new  requirements  are 
small  and  cannot  afford  invest¬ 
ment  in  RFID  infrastructure, or  they 
need  RFID  labels  quickly  IDNet  is 
designed  as  a  turnkey  offering:  it 
requires  no  upfront  investment  or  software 
installation. 

The  only  rival  offering  seems  to  be  Imobile 
Systems, which  has  a  hosted  option  for  its  RFID 
Sentinel  software. 

With  the  on-site  printer,  Seeburger  charges 
$500  per  month  for  the  service.  Users  must  sign 
up  fora  24-month  contract. Without  the  printer, 
the  monthly  fee  is  $300. 

IDNet  will  be  formally  unveiled  at  the 
EPCglobal  conference, Sept.  13-15, in  Atlanta.* 


Hoping  to  make  hay  on  that 
trend,  start-up  Adomo  is  launch¬ 
ing  its  first  product,  a  voice  mail 
system  that  integrates  with  Micro¬ 
soft’s  messaging  platform. Adomo 
Voice  Messaging  for  Exchange 
hardware  connects  IP  PBXs  or 
traditional  TDM  PBXs  with  Ex¬ 
change  and  Active  Directory 
servers  to  create  and  store  voice 
mail  as  audio  files  that  can  be 
retrieved  from  phones,  PCs  or 
handhelds. 

The  appliance  enables  users 
with  PBXs  made  by  multiple  ven¬ 
dors  to  make  a  single  connection 
to  the  Exchange  server. 

Setting  up  these  connections 
directly  between  PBXs  and  Ex¬ 
change  can  otherwise  be  time 
consuming  because  of  the  vari¬ 
ous  interfaces  each  PBX  might 
have.  Adomo  has  customized  its 
box  to  simplify  connectivity  to 
PBXs  made  by  vendors  such  as 
Alcatel,  Avaya,  Cisco,  Mitel,  Nortel 
and  Siemens.The  Adomo  box  fun¬ 
nels  all  the  PBX  traffic  to  the 
Exchange  server. 

In  some  cases  using  Adomo  as 
a  voice  mail  system  will  change 
the  keypad  commands  end  users 
punch  in  to  access  voice  mail, 
Adomo  says. 

The  mail  can  be  administered 
through  Exchange  via  a  voice 
services  tab  for  setting  up  user 
accounts.  The  device  can  be  fit¬ 
ted  with  an  auto  attendant  that 
responds  to  voice  commands  as 
well  as  keypad  commands.  The 
price  ranges  from  $12,000  for  a 
12-port  appliance  to  $24,000  for  a 
24-port  model. 

Also  next  month,  3Com  says  it 
will  team  with  Ingate  Systems  to 
provide  software  that  helps 
extend  IP  PBX  features  to  the 
homes  of  telecommuters  by  let¬ 
ting  individuals  with  home  fire¬ 
walls  connect  more  easily  to  cor¬ 
porate  3Com  IP  PBXs.  Normally 
these  home  firewalls  hide  the  IP 
address  of  the  telecommuter’s 
machines,  making  it  difficult  to 
complete  calls  to  IP  devices  be¬ 
hind  them.  But  Ingate’s  Remote 
SIP  Connectivity  Module  directs 
calls  to  these  devices  through  a 
single  firewall  port  to  the  appro¬ 
priate  IP  address. 

IBM  also  will  have  news,  as  it 
plans  to  demonstrate  at  VoN  an 
See  VoIP,  page  16 
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SOA 

continued  from  page  1 

Providence  Health  System  in 
Tigard,  Ore.,  SOA  management 
software  ideally  could  help  him 
learn  how  his  applications  work 
in  production  as  well  as  alert  the 
network  operations  team  when 
“requests  start  failing  at  a  cata¬ 
strophic  level.” 

To  get  insight  into  Simple 
Object  Access  Protocol  mes¬ 
sages  and  faults  today,  he  is  work¬ 
ing  to  integrate  implementations 
of  NetlQ  and  BMC  management 

“Ultimately,  I 
would  like  to  see 
where  my  services 
are  running  and 
how  they  interact.” 

Erik  Sargent,  Web  application  archi¬ 
tect,  Providence  Health  System 


software.  He  says  for  now  the 
existing  software  will  have  to  do, 
but  if  large  management  ven¬ 
dors  intend  to  target  SOA  he 
would  have  some  specific 
requests. 

How  things  run 

“Ultimately,  I  would  like  to  see 
where  my  services  are  running 
and  how  they  interact.  It  would 
be  good  to  create  a  meta-layer 
that  showed  how  they  talk  to 


each  other.  And  to  have  a  search¬ 
able  repository  of  services  and 
how  they  can  be  used,”  he  says. 
“Also,  if  I  run  multiple  services 
on  one  server,  I’d  like  to  know 
how  one  impacts  the  others  or  if 
the  failure  is  only  affecting  one 
service.” 

IBM  intends  with  this  release  to 
tie  SOA  service  performance  to 
underlying  components  to  help 
customers  identify  potential 
problems  across  an  SOA.  ITCAM 
for  SOA  comprises  centralized 
management  software  installed 
on  a  dedicated  server  and  dis¬ 
tributed  software  agents  that 
reside  on  systems  alongside  SOA 
platforms  such  as  BEA 
WebLogic,  IBM  WebSphere  and 
Microsoft  .Net.The  agents  collect 
performance  metrics,  such  as 
message  size,  response  time,  ser¬ 
vice  calls,  turnaround  time  and 
number  of  faults,  and  send  the 
data  to  the  management  server 
for  real-time  alerts. 

Customers  view  alerts  and  per¬ 
formance  data  via  the  Tivoli 
Enterprise  Fbrtal.SOA  application 
and  services  performance  metrics 
also  are  sent  to  a  data  warehouse 
that  provides  a  services  inventory 
of  sorts,  by  including  services  def¬ 
initions  and  their  potential  use  for 
quick  reuse  in  new  SOA-enabled 
applications. 

Management  heavyweights 
IBM,  HR  BMC  and  Computer 
Associates  compete  against 
companies  such  as  Actional, 
AmberFbint,  SOA  Software,  Sonic 


IBM  moves  on  continuous 
back-up  market 

BY  DENI  CONNOR 

IBM  last  week  introduced  software  that  continuously  backs  up  the 
files  on  workstations,  laptops  and  file  servers  throughout  the  network. 

The  IBM  Tivoli  Continuous  Data  Protection  for  Files  creates  a  copy  of 
any  data  that  changes  and  sends  it  over  the  IP  network  to  a  centralized 
server.  When  users  need  to  recover  files  that  might  have  been  acciden¬ 
tally  deleted,  they  can  grab  them  from  this  central  server. 

According  to  1DC,  60%  of  the  data  on  the  network  is  stored  on  desk¬ 
tops  and  laptops  rather  than  on  data  center  servers. 

The  software  will  not  eliminate  the  need  for  nightly  backups  —  even 
though  files  represent  a  large  portion  of  the  data  on  the  network,  there 
is  still  the  database  and  other  data  that  needs  to  be  protected.  For  that 
data,  IBM  has  Tivoli  Storage  Manager. 

Continuous  data  protection  products  have  become  plentiful  on  the 
market.  Microsoft  and  Symantec  have  products  that  allow  near  contin¬ 
uous  data  protection  for  files.  Revivio  offers  continuous  protection  for 
all  types  of  data.  A  number  of  start-ups  such  as  Mendocino  Software, 
Mimosa  and  XOsoft  also  offer  continuous  data  protection  software. 

IBM  Tivoli  Continuous  Data  Protection  for  Files  is  expected  to  be  avail¬ 
able  Sept.  16  for  $35  per  laptop  or  desktop  and  $995  per  server  proces¬ 
sor.  ■ 


Surveying  SOA 

IBM  Tivoli  Composite  Application  Management  for  SOA 
software  monitors  applications  to  ensure  performance 
meets  business  goals. 


Management 

console 


Centralized  software  resides  on  a 
management  console.  IT  managers 
can  configure  the  product  to  alert  on 
faults  that  could  indicate  performance 
problems  with  specific  applications  or 
underlying  servers. 


IT  manager 


Distributed  agents  on 
SOA  infrastructure 


Distributed  software  agents  reside 
on  SOA  components,  such  as  BEA 
WebLobic,  IBM  WebSphere  and 
Microsft  .Net  middleware  and 
application  servers.  The  agents 
collect  performance  metrics,  such 
as  message  size  and  response 
time,  and  send  the  data  to  the 
management  console. 


Application  MJl 
manager  I  1 


Application  managers  can  use  a 
Web-based  interface  to  perform 
searches  specific  to  lines  of  code, 
fine-tune  application  performance 
and  troubleshoot  problems. 


Software  and  Systinet,  which  indi¬ 
vidually  provide  products  to  man¬ 
age  Web  services  and  SOA- 
enabled  applications.  Most  of  the 
larger  management  vendors  used 
acquisitions  to  get  into  the  Web 
services  management  market  — 
IBM  acquired  Candle  in  April 
2004  and  Cyanea  in  July  2004,  HP 
purchased  Talking  Blocks  in 
September  2003,  the  same  month 
CA  acquired  Adjoin.  And  they  are 
using  developing  standards  to 
broaden  their  management  capa¬ 
bilities  to  address  SOA  now  that 
the  technology  is  spreading 
across  corporations. 

The  competition 


would  add  the  automated 
authentication  and  integration 
needed  to  keep  SOA  services 
securely  running.  Coupling  SOA 
management  tools  with  applica¬ 
tion  development  tools  and 
application  platforms  such  as 
those  in  IBM’s  Rational  and 
WebSphere  software  divisions, 
respectively,  also  would  help  cus¬ 
tomers  manage  the  entire  life 
cycle  of  SOA-enabled  applica¬ 
tions,  Heffner  says. 

“SOA  is  an  abstraction  layer  on 
top  of  other  systems  running 
within  a  customer  network,  so  if 
you  are  managing  an  application 
across  an  SOA  you  must  also 


manage  the  underlying  systems,” 
says  Ron  Schmelzer,  a  senior  ana¬ 
lyst  at  ZapThink.  “Management 
software  has  to  both  ensure  the 
services  are  available  to  the  right 
users  and  that  any  changes  to  the 
underlying  systems  do  not 
impact  the  services.” 

Yet  some  industry  watchers 
remain  skeptical  that  manage¬ 
ment  vendors  can  evolve  the 
architecture  of  their  products  to 
manage  SOA-enabled  applica¬ 
tions.  Historically,  management 
software  managed  applications 
primarily  by  monitoring  the  sys¬ 
tem  on  which  the  application 
ran,  using  system  performance 
data  to  determine  how  well  the 
application  performed.  Today’s 
SOA-enabled  applications  by 
design  are  dissociated  from  spe¬ 
cific  systems  and  developed  to 
be  reused  across  multiple  sys¬ 
tems,  making  the  centralized 
management  framework  inade¬ 
quate  to  address  the  random, dis¬ 
tributed  nature  of  applications 
and  services  across  an  SOA. 

“Traditional  management  soft¬ 
ware  systems  were  built  for  tight¬ 
ly  coupled  applications  and 
infrastructure.  Now,  with  SOA,  the 
infrastructure  tells  you  nothing 
about  the  applications,  and  man¬ 
agement  has  to  be  embedded  in 
the  application,”  says  George 
Hamilton,  a  senior  analyst  with 
The  Yankee  Group. 

And  even  if  they  do  detach 
applications  from  systems  man¬ 
agement,  all  SOA  management 
vendors  will  be  challenged  to  pro¬ 
vide  customers  with  the  event 
correlation  to  make  intelligent 
use  of  data  collected  at  the  SOA 
and  underlying  system  levels. 

“It’s  one  thing  to  know  that  a 
Web  service  performed  a  certain 
way,  it’s  another  thing  to  know 
what  to  do  with  that  information 
or  how  it  relates  to  system-level 
performance,”  Hamilton  says.  ■ 


Despite  niche  vendors’  early 
delivery  of  SOA  management 
tools,  industry  watchers  predict 
the  smaller  companies  will  face 
tough  long-term  competition  as 
IBM,  HR  CA  and  others  —  such 
as  BEA  with  its  AquaLogic  suite 
—  work  toward  integrating  SOA 
management  capabilities  into 
their  broader  product  portfolios. 

Take  IBM,  for  example.  ITCAM 
for  SOA  is  being  developed  to 
integrate  with  Tivoli  Federated 
Identity  Manager,  IBM’s  identity 
management  software  that 


Tivoli,  IBM's  management  software  arm,  last 
week  said  it  would  soon  offer  software  that 
will  let  customers  manage  service-oriented 
architecture-based  applications.  Alfred  Zollctr, 
general  manager  at  Tivoli  software,  sat  down 
at  the  Share  user  conference  in  Boston  with 
Network  World  Senior  Editor  Denise  Dubie  to 
discuss  how  the  company  plans  to  help  cus¬ 
tomers  manage  and  optimize  performance  of 
this  emerging  technology  area. 

Head  online  to  www.networkworld.com, 
DocFinder:  8637  for  their  dicussion. 


HP  PROLIANT  BL20p  G3  BLADE  SERVER 


with  ProLiant  Essentials  Management  Software 

•  Up  to  2  Intel*  Xeon™  Processors  (3.60GHz/2MB)' 

•  High  density:  Up  to  48  servers  per  rack 

•  Flexible/Open:  Integrates  with  existing  infrastructure 

•  HP  Systems  Insight  Manager™:  Web-based  networked 
management  through  a  single  console 

■  Rapid  Deployment  Pack:  For  ease  of  deployment  and 
ongoing  provisioning  and  reprovisioning 

•  Integrated  Cisco  or  Nortel  switch  options 


HP  STORAGEWORKS  MSA1500cs 


Get  2TB  of  Storage  Free  ($2,800  Value)1 
•  Up  to  24TB  of  capacity  (96  250GB  SATA  drives) 

■  Up  to  16TB  of  capacity  (56  300GB  SCSI  drives) 

■  Ability  to  mix  SCSI  and  Serial  ATA  enclosures 
for  greater  flexibility 

■  2GB/ 1GB  Fibre  connections  to  host 


Download  a  free  I  DC  white  paper 

Reducing  Total  Cost  of  Ownership 
Through  the  Use  of  Blade  Systems. 

Save  $750  instantly 

on  a  blade  enclosure  solution? 

See  Web  site  tor  details. 


The  HP  ProLiant  BL20p  G3  blade  server  with  the  Intel'  Xeon™  Processor  simplifies  server  management.  In  fact,  it's 
so  simple,  you  can  even  manage  it  remotely  through  leading  Web  browsers  using  HP  iLO  technology.  And 
not  only  is  it  simple  to  manage,  it's  also  simple  to  monitor  and  set  up.  It  all  starts  with  the  Rapid  Deployment  Pack, 
giving  you  an  automated  setup  process  to  configure  and  deploy  servers  at  high  volume  and  a  rapid  pace. 
Then  HP  Systems  Insight  Manager™  gives  you  a  real-time  overview  of  system  performance,  even  alerting  you 
to  potential  problems  before  they  occur.  Plus,  you  can  bundle  it  with  the  HP  StorageWorks  MSA1500cs  to  make 
storing  your  data  simple,  scalable  and  affordable.  So  with  HP,  you  get  more  expertise  before  you  buy,  more 
technology  when  you  do  and  more  support  after.  Wherever  you  happen  to  be. 


SMART  ADVICE  >  SMART  TECHNOLOGY  >  SMART  SERVICES 


Call  1-877-298-0631 
Click  hp.com/go/bladesmag20 
Visit  your  local  reseller 
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Summertime 

continued  from  page  1 

more  central  role:  high-band- 
width  local  networks,  including 
wireless  LANs;  high-bandwidth 
connections  with  other  institu¬ 
tions;  and  legions  of  more  power¬ 
ful  laptops. 

IT  “has  become  so  integrated 
with  the  curriculum  that  it  can 
never  be  extricated,”  says  Carl 
Whitman,  executive  director  of  IT 
at  American  University  in 
Washington,  D.C.This  whole 
place  is  relying  on  [the  network] 
for  its  core  functions.” 

Improving  infrastructure 

Continued  improvements  to 
the  network  infrastructure  are 
priorities  this  summer  on  many 
campuses. 

Villanova  University  in 
Pennsylvania  has  nearly  doubled 
the  overall  Internet  bandwidth 
on  campus  to  145M  bit/sec,  and 
now  has  its  first  Internet  con¬ 
nection  at  25M  bit/sec,  with  an 
option  to  boost  that  in  the  future. 
“We’re  very  network  centric,  and 
we  felt  [both  of  these]  were  a 
prerequisite,”  says  CIO  Stephen 
Fugale.“Internet2  gives  us  a  col¬ 
laborative  capability  both  nation¬ 
ally  and  globally 

Villanova  has  hired  an  outside 
contractor  to  assess  the  campus 
network  as  the  school  begins  to 
evaluate  VoiPwith  a  recently 
launched  pilot  project  using  VoIP 
phones  from  Cisco,  Polycom  and 
others.“We  know  that  the  under¬ 
lying  [network]  infrastructure  is 
not  completely  ready  overall,” 
Fugale  says.“That’s  why  we’re  get¬ 
ting  outside  expertise  to  evaluate 


this  and  partner  with  us." 

Framingham  State  College  in 
Massachusetts  is  using  the  sum¬ 
mer  to  upgrade  the  network 
cabling  at  a  large  dormitory  and 
the  College  Center,  one  of  the 
main  campus  buildings.  Gigabit 
Ethernet  connections  now  link 
the  switches,  with  the  ports  run¬ 
ning  at  10/100M  bit/sec.  At  the 
same  time,  the  college  is  plan¬ 
ning  to  equip  all  classrooms  with 


802.1  la  WLAN  access  points, 
with  the  radio  power  levels  low¬ 
ered  so  that  only  students  in  a 
given  room  can  connect  to  that 
access  point.  The  goal  is  to  opti¬ 
mize  throughput  and  reliability 
for  the  classroom,  says  Michael 
Zinkus.the  school’s  director  of 
network  services. 

Security 

Security  priorities  reflect  ongo¬ 
ing  concerns  about  preventing  a 
recurrence  of  the  worm  attacks 
that  crippled  campus  networks 


two  years  ago. The  school  also  is 
focusing  on  adding  centralized 
resources  and  on  securing 
clients. 

Northwestern  University  in 
Evanston,  Ill.,  is  adding  more  data 
collection  and  analysis  tools  for 
sifting  through  network  traffic 
and  events  to  detect  potential 
security  problems.The  school  is 
also  fine-tuning  its  Network  User 
Status  Agent  (NUSA),  which  is  a 


Web-based  system  for  monitor¬ 
ing  and  controlling  network 
ports.  Using  NUSA,  the  central 
network  group  can  contact  local 
tech-support  teams  in  various 
departments  when  host  prob¬ 
lems  are  detected. 

The  school  also  has  started 
migrating  WLAN  users  from  a 
VPN-based  authentication  model 
to  one  based  on  the  IEEE  802.  IX 
standard,  says  Patricia  Todus, 
Northwestern’s  deputy  CIO. 

More  schools  are  subjecting 
clients  to  an  array  of  security 


checks  before  they’re  allowed  to 
log  on  to  campus  networks. 
American  University  is  deploying, 
and  Villanova  is  piloting,  the 
Cisco  Clean  Access  software  (for¬ 
merly  Perfigo’s  Clean  Machine). 
Clean  Access  intercepts  a  client 
logon;  checks  to  see  that  the  PC 
is  running  things  such  as  up-to- 
date  software  patches,  anti-virus 
definitions  and  security  settings; 
and  only  then  allows  access  to 
the  network.  If  the  software 
detects  a  problem,  it  redirects  the 
user  to  a  Web  site  for  instruc¬ 
tions,  patches  and  updates. 

“The  costs  of  doing  without  this 
[capability]  have  just  gotten  to 
be  too  much,”  American 
University’s  Whitman  says.“When 
the  Sasser  worm  struck  [two 
years  ago]  it  put  us  out  of  busi¬ 
ness  pretty  badty 

To  achieve  similar  goals, 
Framingham  State  is  deploying 
Bradford  Campus  Manager, 
which  is  software  for  registering 
client  devices  and  checking  that 
they  have  up-to-date  software, 
including  anti-virus.The  software 
collects  the  device’s  media 
access  control  address,  which  is 
then  associated  with  a  range  of 
other  user  information:  IP 
address,  user  name,  dorm 
address,  phone  number.“If  a  stu¬ 
dent  sets  up  an  FTP  server,  we 
can  now  track  that  to  what  port 
they’re  plugged  into,  what  room 
they’re  in,”  Zinkus  says. 

Some  institutions  are  spending 
time  finding  and  expunging  the 
use  of  student  Social  Security 
numbers  as  identifiers.This  data 
is  critical  for  identity  thieves. The 
Ohio  State  University  in 
Columbus  has  records  stretching 
back  to  the  mid-1980s,  covering 
hundreds  of  thousands  of  former 
students  and  staff. The  university 
is  sifting  through  electronic 
records,  revising  applications,  and 
educating  faculty  and  students 
about  avoiding  the  use  of  this 
data,  says  Charles  Morrow-Jones, 
director  of  security 

He’s  also  evaluating  anti-spy- 
ware  applications  from  start-ups 
as  well  as  established  anti-virus 
vendors  such  as  Symantec.  The 
university  also  is  evaluating 
Microsoft’s  Windows 
AntiSpyware  beta  code,  which 
Microsoft  recently  acquired  by 
buying  a  start-up  called  Giant. 
“We  see  spyware  as  more  of  a 
malware  transmission  vector 
than  viruses  are  right  now” 
Morrow-Jones  says.“Is  there  a  dif¬ 
ference  between  adware  and 


spyware?  At  the  moment,  I’m  of 
the  school  of  thought  that  says, 
‘Hey,  it’s  all  junk.’” 

New  services 

Computers  and  networks  are 
increasingly  central  to  the  inter¬ 
action  between  teacher  and  stu¬ 
dent,  and  between  students.  For 
more  schools,  priorities  are  in 
the  area  of  sophisticated  new 
applications  that  combine 
online  resources  with  collabora¬ 
tion  tools. 

Case  Western  Reserve 
University  in  Cleveland  this  sum¬ 
mer  is  going  live  with  its 
MediaVision  Courseware  pro¬ 
ject,  which  has  been  a  pilot  pro¬ 
ject  for  the  last  three  semesters 
for  students  majoring  in  chem¬ 
istry  MediaVision  combines 
Mirage’s  video  indexing  and  cat¬ 
aloging  software  with 
Anystream’s  encoding  and  video 
content  management  software. 
Case  programmers  added  sup¬ 
port  for  threaded  conversations, 
instant  messaging  and  other  fea¬ 
tures,  says  Lev  Gonick,the  uni¬ 
versity’s  CIO. 

A  video  camera  in  the  class¬ 
room  records  a  lecture,  which 
MediaVision  then  digitizes, 
indexes  and  stores.  Students 
access  the  MediaVision  Web 
page  and  can  search  the  video 
archive  for  specific  topics  such 
as  hydrogen  reactions. The  stu¬ 
dent  selects  a  clip  from  the  list 
created  by  MediaVision,  then 
clicks  to  replay  it.  Students  in 
the  introductory  chemistry 
course  scored  a  half-grade  high¬ 
er  than  students  in  the  past, 
Gonick  says. 

The  school’s  department  of 
dance  and  theater  has  been 
using  video,  audio  and  a  lot  of 
bandwidth  to  coordinate  cross¬ 
country  dance  performances, 
with  live  music,  for  instruction 
and  evaluation.  Students,  chore¬ 
ographers,  dancers  and  musi¬ 
cians  can  be  in  different  loca¬ 
tions  yet  participate  together  in 
real  time. 

“We’ve  begun  to  shift  the 
resource  allocations  [for  net¬ 
working  and  IT]  from  the  basic 
utility  function  to  value-added 
services,  things  that  contribute  to 
better  learning,  better  research, 
better  community’  Gonick  says. 

In  other  words,  it’s  a  good  bet 
that  college  and  university  net¬ 
work  professionals  probably 
can’t  look  forward  to  extended 
summer  vacations  in  the  future, 
either.* 


Intel  eyes  Wi-Fi  security 


BY  STEPHEN  LAWSON,  IDG  NEWS  SERVICE 

Intel  is  developing  a  way  to  locate  a  Wi-Fi  user  by 
timing  how  long  it  takes  for  packets  to  travel  to  and 
from  a  wireless  access  point,  which  could  prevent 
users  outside  a  house  or  office  from  accessing  a  Wi¬ 
Fi  network  indoors. 

Knowing  where  a  system  is  located  also  could  be 
an  invaluable  aid  in  finding  and  fixing  hardware 
problems  in  data  centers,  and  informing  mobile  de¬ 
vice  users  of  places  or  services  nearby  said  Justin 
Rattner.an  Intel  senior  fellow.  He  showed  off  the  tech¬ 
nology  at  the  Fall  Intel  Developer  Forum  (IDF)  in  San 
Francisco  last  week. 

In  the  demonstration,  the  access  point  timed  how 
long  it  took  a  packet  to  travel  out  to  the  client  system 
and  come  back.  From  the  length  of  that  round-trip 
time.it  extrapolated  how  far  away  the  client  was. 


The  technology  is  so  precise,  even  up  to  231  feet 
from  the  access  point,  that  it  can  tell  whether  a  client 
device  is  inside  or  outside  a  wall,  Rattner  said.  For 
keeping  neighbors  or  passers-by  from  intruding  on  a 
home  or  enterprise  network,  it  might  even  be  more 
effective  than  current  encryption  systems,  he  added. 

Another  possible  use  of  the  technology  is  to  make 
a  video  program  follow  a  user  from  room  to  room. 
For  example,  if  a  user  carried  a  notebook  PC,  the  pro¬ 
gram  could  move  from  a  TV  in  the  living  room  to  a 
large  PC  monitor  in  an  office  and  then  come  up  on 
the  notebook  when  the  user  got  out  of  range  of 
either  stationary  display  he  said. 

Both  access  points  and  clients  would  have  to  be 
modified  to  support  the  system.  Intel  plans  to  bring 
the  technology  to  the  IEEE  802.11  group  for  stan¬ 
dardization.  ■ 


** We’ve  begun  to  shift 
the  resource  allocations 
[for  networking  and  IT] 
from  the  basic  utility 
function  to  value-added 
services,  things  that  con¬ 
tribute  to  better  learning, 
better  research,  better 
community.** 


Lev  Gonick,  CIO,  Case  Western  Reserve  University 


YOUR  JOB  IS  TO  KEEP  SYSTEMS  AND  APPLICATIONS  RUNNING. 
OUR  MISSION  IS  TO  KEEP  PEOPLE  AND  INFORMATION  CONNECTED 
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LET’S  WORK  TOGETHER. 


Continuous  access  to  information  no  matter  what.  That’s  Information 
Availability.  It’s  what  your  employees,  suppliers  and  customers  demand  every 
minute  of  every  day.  But  to  deliver  it  flawlessly,  you  need  a  massive  global 
infrastructure,  redundant  systems  and  diverse  networks  being  monitored  and 
supported  by  skilled  technical  experts  at  secure  facilities.  That’s  exactly  what 
SunGard  provides. 

As  a  result,  we  can  offer  you  a  higher  level  of  availability  and  save  your 
company,  on  average,  25%‘  versus  building  the  infrastructure  yourself.  Plus, 
it’s  a  vendor  neutral  solution  that  lets  you  control  your  data,  applications  and 
network  while  giving  you  the  flexibility  to  adjust  to  the  changing  needs  of  your 
business.  But  best  of  all,  it  lets  you  spend  more  time  solving  business  problems 
and  less  time  solving  technical  problems. 


For  years,  companies  around  the  world  have  turned  to  SunGard  to  restore  their 
systems  when  something  went  wrong.  So,  it’s  not  surprising  that  they're  now 
turning  to  us  to  mitigate  risk  and  make  sure  they  never  go  down  in  the  first  place. 

You  want  your  network  and  systems  to  always  be  up  and  running.  We  want  the 
same  thing.  Let’s  get  together.  To  learn  more,  visit  www.availability.sungard.com  or 
call  1-800-468-7483. 

SUNGARD  KeHepi7  People 

^  mmm  and  Information 

Availability  Services  Connected ,™ 

’Potential  savings  based  on  IOC  White  Paper,  Ensuring  Information  Availability:  Aligning  Customer  Needs  with  an  Optimal  Investment  Strategy. 
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P2P  traffic  still  dominates  the  'Net 


BY  JASON  MESERVE 

A  new  study  that  looks  at  the 
impact  of  peer-to-peer  traffic  on 
service  provider  networks  shows 
file  swapping  forges  on  unabated. 

CacheLogic  of  Cambridge, 
England  says  the  practice  shows 
no  sign  of  slowing  down  despite 
court  rulings  that  have  shut 
down  some  popular  sites  such 
as  Suprnova,  a  BitTorrent  track¬ 
ing  service  that  offered  links  to 
pilfered  television  and  movie 
content. 

CacheLogic’s  global  monitor¬ 
ing  network  shows  60%  of  all 
Internet  traffic  is  the  result  of 
peer-to-peer  file-sharing  plat¬ 
forms,  with  eDonkey  taking  over 
the  top  spot  from  BitTorrent. 

“The  Whack-A-Mole  game  con¬ 
tinues,”  says  Andrew  Parker, 
CacheLogic’s  CTO.  “The  authori¬ 
ties  go  after  one  [peer-to-peer] 


Traffic  jam 

According  to  CacheLogic, 

60% 

of  all  Internet  traffic  is  the 
result  of  peer-to-peer  file¬ 
sharing  platforms. 

system  and  another  one  pops 
up.” 

At  the  end  of  2004,  BitTorrent 
accounted  for  30%  of  all  Internet 
traffic.  But  after  the  Motion 
Picture  Association  of  America’s 
moves  to  shut  down  BitTorrent 
tracking  sites,  centralized  servers 
for  locating  distributed  content, 
swappers  began  moving  to  other 
less-publicized  services. 

Today,  eDonkey,  a  system  that 
uses  no  centralized  servers  or 
tracking  sites,  consumes  the 


most  bandwidth  of  any  applica¬ 
tion  on  the  Internet,  particularly 
overseas,  according  to  Parker.  In 
the  U.S.,  Gnutella  has  seen  resur¬ 
gence  in  popularity  among 
swappers. 

Of  the  files  being  swapped  on 
the  four  major  file-sharing  sys¬ 
tems  (eDonkey,  BitTorrent, 
FastTrack  and  Gnutella)  62%  is 
video  and  1 1%  is  audio,  with  the 
rest  being  miscellaneous  file 
types,  according  to  the  study. 
The  problem  for  ISPs  is  the  traf¬ 
fic  is  symmetric,  meaning  the 
same  amount  of  traffic  going 
downstream  (where  the  pipe  is 
bigger)  is  coming  back  up, 
choking  the  smaller  upstream 
broadband  pipes.  And  traffic  is 
constant  all  hours  of  the  day 
unlike  e-mail  and  Web  surfing, 
which  tails  off  in  the  overnight 
hours. 


In  addition  to  releasing  Inter¬ 
net  traffic  details,  CacheLogic  is 
announcing  it  is  looking  to 
expand  its  monitoring  network 
by  offering  free  equipment  to 
select  service  providers.  Cache- 
Logic  and  the  ISP  would  share 
the  traffic  analysis  data. 

Peer-to-peer  file  sharing  does 
have  some  legitimate  uses,  as  it 
pushes  the  distribution  load 
away  from  a  central  origin  serv¬ 
er  and  out  to  the  very  edge:  each 
individual  user/viewer. 

The  BBC  has  launched  IMP  a 
download  service  that  relies  on 
peer-to-peer  technology  to  de¬ 
liver  television  programming  to 
subscribers.  Each  program 
could  be  multi-gigabyte,  which 
would  be  nearly  impossible  to 
serve  to  all  BBC  subscribers 
from  a  central  location,  Parker 
says.  ■ 


3Com  airs  workgroup  switches 


Devices  boast 
Power-over- 
Ethernet, 
traffic  shaping 
capabilities. 

BY  TIM  GREENE 

3Com  is  filling  out  the  lower 
end  of  its  workgroup  switching 
gear  with  the  introduction  of 
two  switches  designed  for  small 
offices  in  large  corporations 
that  need  to  manage  the  gear 
remotely. 


Office  Connect  Managed 
Switch  9  and  9  FX  are  eight-port 
desktop  workgroup  switches 
that  offer  full  SNMP  support  for 
IT  staff  to  manage  them  from  a 
central  location. 

They  also  provide  Power  over 
Ethernet  (PoE)  through  four  of 
the  ports  to  support  other  tech¬ 
nology  such  as  VoIP  and  Wi-Fi 
by  providing  power  for  IP 
phones  and  wireless  access 
points,  the  company  says. 

If  customers  need  more  PoE 
ports,  they  can  connect  the 
ports  on  the  switch  to  3Com 
IntelliJack  units,  four-port 


VoIP 

continued  from  page  11 

open  source  IP  PBX  based  on 
software  from  Digium  that  runs 
on  IBM’s  Blade  Center  servers. 
The  demo  will  use  high-avail- 
ability  hardware  and  modified 
Digium  software  that  maintains 
calls  if  one  server  crashes  by 
transferring  them  to  a  standby 
back-up  server. 

These  PBX  products  may  ben¬ 
efit  from  a  surge  in  IP  PBX  sales 
expected  over  the  next  four 
years,  according  to  the  In-Stat 
study.  The  number  of  individual 


phones  served  by  IP  PBXs  will 
grow  from  9.5  million  this  year 
to  28.1  million  in  2009,  In-Stat 
says.  ■ 
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More  online 

Get  the  information  that's  critical  to  your 
VoIP  success.  Attend  a  special  Network 
World  event  exclusively  for  IT  executives 
responsible  for  the  effectiveness  of  their 
organization's  VoIP  initiatives. 
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3Com  Office  Connect  9  and  9FX 
support  Power  over  Ethernet. 


switches  that  fit  into  standard 
Ethernet  wall  cutouts  to  provide 
individual  desks  with  more 
jacks,  3Com  says. 

The  switches  also  support  traf¬ 
fic  shaping  and  rate  limiting  that 
can  give  voice  traffic  priority 
over  other  traffic.  It  can  auto¬ 
matically  identify  voice  traffic 
generated  by  3Com’s  NBX  VoIP 
system  via  tools  that  come  stan¬ 
dard.  It  can  be  integrated  with 
other  vendors’  VoIP  gear  via 
manual  configuration,  the  com¬ 
pany  says. 

These  switches  offer  an  alter¬ 
native  to  unmanaged,  but  inex¬ 
pensive,  switches  from  Linksys 
and  D-Link  or  from  buying  larg¬ 
er  and  more  expensive  switches 
from  3Com. 

A  12-port  3Com  SuperStack 
switch  is  priced  from  $700  to 


$800  and  is  designed  more  for  a 
site  that  has  a  wiring  closet, says 
John  Sheedy,  a  3Com  LAN  infra¬ 
structure  product  marketing 
manager. 

The  Office  Connect  9  costs 
$500  with  a  copper  Gigabit 
uplink  port  and  $700  with  a 
Gigabit  fiber  port. 

By  comparison,  a  managed 
Cisco  Catalyst  2940  eight-port 
switch  costs  about  $800  or 
$1,000,  depending  on  whether  it 
has  a  copper  or  fiber  Ethernet 
uplink  port,  and  it  lacks  PoE. 

Customers  likely  won’t  buy 
these  3Com  switches  unless 
they  already  are  3Com  shops, 
says  Matthias  Machownski,  an 
analyst  with  Infonetics.“This  fills 
in  a  hole  in  3Com’s  portfolio,” 
he  says. 

The  new  switches  also  support 
port  security  that  associates  a 
port  with  a  specific  device  as 
defined  by  its  MAC  address.  If  a 
device  with  another  MAC 
address  plugs  into  that  port,  it  is 
blocked  from  connecting  to  the 
network.  Each  switch  can  define 
up  to  40  virtual  LANs.  ■ 


HIGH-SPEED  LANS 


Subscribe  to  our  free  newsletter. 
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InSite: 


Sabre  flies  with  SSL 


Short  Takes 


■  Identity  vendors  Trustgenix  and 
IdentityForge  last  week  said  they 
would  integrate  their  software  to  let 
users  incorporate  mainframe  identi¬ 
ties  into  single  sign-on  projects.  The 
two  have  developed  an  adapter  that 
will  link  their  products  —  Trustgenix's 
IdentityBridge,  which  is  an  identity 
federation  server,  and  Indentity- 
Forge's  LDAP  Gateway,  which  trans¬ 
lates  Lightweight  Directory  Access 
Protocol  calls  into  mainframe  com¬ 
mands  and  vice  versa.  Users  can  be 
authenticated  at  the  mainframe  and 
have  their  credentials  passed  to  the 
network  or  to  a  partner  network,  or 
authenticated  elsewhere  in  the  net¬ 
work  and  have  those  credentials  used 
to  access  mainframe  resources.  The 
adapter  is  expected  to  be  available  by 
the  year-end  .  The  software  will  be 
included  for  free  with  both  products. 

■  Managed  security  services  provider 
Internet  Security  Systems  last 
week  announced  it  has  added  support 
for  non-ISS  intrusion-prevention  sys¬ 
tems  to  the  menu  of  security  equip¬ 
ment  it  will  support.  In  addition  to  its 
own  IPS  line  of  equipment  for  actively 
blocking  attacks,  ISS  will  now  also 
manage  IPS  gear  from  Cisco, 

McAfee  andTippingPoint,  which  is 
owned  by  3Com.  Monthly  fees  start 
at  at  $300.  ISS  operates  four  data 
centers  worldwide. 

■  McAfee  announced  last  week  Virex 
7.7,  the  latest  version  of  the  compa¬ 
ny's  Macintosh  anti-virus  software. 
Among  the  changes  is  support  for 
Apple’s  Mac  OS  X  Tiger.  While  virus¬ 
es  that  come  to  a  Mac  through  e- 
mail  or  in  other  files  don't  harm  the 
system,  they  can  be  sent  to  Windows 
machines  and  spread.  This  is  a  big¬ 
ger  problem  for  companies  than 
viruses  written  for  the  Mac.  Virex  is 
managed  by  McAfee  ePolicy 
Orchestrator,  letting  customers 
manage  McAfee  system  security 
packages  from  a  central  location. 
ePO  lets  customers  track  viruses 
and  which  users  are  up  to  date. 
McAfee  Virex  will  be  available  this 
week.  Pricing  was  unavailable. 


BY  TIM  GREENE 

ravel  services  giant  Sabre  wanted 
to  give  customers  access  to  its  data 
center  without  having  to  provision, 
install,  manage  and  maintain  remote 
access  gear,  and  it  found  the  answer  in 
SSL  VPNs. 

Using  standard  desktop  browsers  and 
an  Internet  connection,  customers  can 
reach  Sabre’s  portal  and  transit  busi¬ 
ness  as  if  they  had  site-to-site  network 
layer  connection  to  the  data  center  via 
an  IPSec  VPN.  The  difference  is  that  an 
TfSeJSN  require&eparate  VPN  appli¬ 
ances  at  each  of  Sabre’s  more  than 
10,000  customer  sites,  while  the  SSLVPN 
requires  gear  only  at  the  data  center. 
Sabre  currently  supports  2,000  users  on 
the  SSLVPN;  when  the  project  is  com¬ 
pleted  it  will  support  70,000,  the  compa¬ 
ny  says. 

Sabre  wouldn’t  say  how  much  it  is  sav¬ 
ing  by  transitioning  to  Nortel  SSL  VPN 
technology,  but  it  eliminates  the  capital 
cost  of  devices  at  customer  sites  and  the 


BY  ELLEN  MESSMER 

Start-up  Enira  Technologies  this  week 
plans  to  roll  out  software  that  lets  users 
respond  to  security  problems  by  applying 
filters  or  shutting  off  access  to  LAN  seg¬ 
ments  to  protect  desktops  and  servers. 

The  Network  Response  System  can 
quarantine  desktops,  servers  and  any 
device  assigned  an  IP  address  by  switch¬ 
ing  ports,  turning  them  off  and  applying  a 
media  access  control  filter,  or  moving  a 
device  to  a  virtual  LAN  according  to  poli¬ 
cy-based  decisions.  The  policy  is  applied 
based  on  information  sent  to  the  Network 
Response  System  by  multi-vendor  intru¬ 
sion-prevention  systems  (IPS),  and  securi¬ 
ty  information  management  (SIM)  and 
other  gear.  Enira’s  product  represents  yet 
another  approach  to  network  quarantine 
to  exert  tighter  network  control.  Cisco’s 
Network  Admission  Control  program, 
which  includes  about  60  separate  ven- 


ongoing  cost  of  keeping  them  up  and 
running.'The  economies  were  very  attrac¬ 
tive,”  says  Lindsay  Miller,  Sabre’s  senior 
principal  for  end-to-end  engineering. 

Saving  money 

The  project  came  about  as  part  of  an 
overriding  plan  to  cut  back  on  ongoing 
maintenance  of  customer  connectivity, 
says  Ancfegw  Teel,  the  company’s  senior 
principal  in  charge  of  strategic  archi¬ 
tecture.  “We’re  trying  to  pull  away  from 
giving  customers  physical  equipment 
and  network  connections,”  he  says. 
Historically,  Sabre  would  connect  its 
travel  agent  customers  to  its  data  center 
and  take  responsibility  for  the  link  from 
site  to  site. 

To  keep  the  IPSec  VPN  running,  Sabre 
needed  a  vendor  that  handled  mainte¬ 
nance  and  repairs,  warehouse  space  to 
keep  spares,  license  fees  and  central 
servers  —  all  of  which  ran  up  the  cost. 
“It’s  almost  like  a  PC  you’re  maintaining 
out  at  the  customer  site.  With  the  SSL 
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vulnerability  management 
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Christopher  Key,  CTO  and  vice 
president  of  engineering 

dors,  is  another. 

The  Network  Response  System, 
installed  in  the  corporate  intranet,  must 
first  be  configured  to  know  the  corporate 
network  topology, says  Axel  Tillmann,  Enira 
vice  president. That  includes  the  firewalls, 
routers,  and  location  of  desktops  and 


VPN  it’s  really  just  the  capital  cost  of  the 
equipment  and  then  the  license  fee  on 
a  user  basis,”  Miller  says. 

The  company  shifted  the  bulk  of  these 
connections  to  IPSec  VPNs  about  10 
years  ago  and  is  now  in  the  midst  of  a 
shift  to  SSL  VPNs.“We’re  trying  for  a  zero 
footprint,’ ’Teel  says. 

Sabre  enlisted  the  aid  of  network  con¬ 
sultant  EDS  to  help  decide  which  SSL 
vendor  to  choose.  Besides  Nortel,  Sabre 
considered  Aventail,  Cisco,  F5  and  Net- 
Scaler.  Nortel  had  a  leg  up  because  Sabre 
uses  Nortel  Contivity  gear  for  its  IPSec 
access,  but  Nortel  also  was  able  to  inte¬ 
grate  its  gear  with  Sabre’s  customer-por¬ 
tal  software  called  MySabre.  It  was  also 
able  to  scale  to  support  the  70,000  users 
Sabre  wants  to  transition  to  the  SSL  tech¬ 
nology, Teel  says. 

Nortel  did  well  against  the  competi¬ 
tors  in  benchmarking  tests  performed 
by  EDS,  he  says.  Those  results,  in  con¬ 
junction  with  cost  and  Nortel’s  ability  to 

See  Sabre,  page  18 


servers  and  other  equipment. 

In  addition,  the  network  manager  must 
decide  what  installed  security  products  — 
the  corporate  IPS,  SIM,  anti-virus  or  fire¬ 
walls  —  will  be  the  source  of  security- 
event  information. 

Tillmann  says  Enira’s  software  can  be 
added  to  current  products  so  that  security- 
event  data  is  sent  directly  to  Enira’s 
Network  Response  System  in  order  to 
develop  a  policy  of  automated  response  to 
specific  events  such  as  worm  attacks. 

He  adds  that  the  response  doesn’t  have 
to  be  automated  —  the  Network  Response 
System  can  be  set  up  to  advise  actions  to 
be  carried  out  after  a  review  in  which  the 
security  manager  decides  the  actions  are 
appropriate. 

This  is  the  course  preferred  at  Boston 
Medical  Center,  which  has  been  using 
Enira’s  Network  Response  System  for  about 

See  Enira,  page  18 


Start-up  targets  security  response 
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The  fairy  tale  of  ‘net  neutrality' 


TOLLY  ON  TECHNOLOGY 
Kevin  Tolly 


With  broadband  service  pro¬ 
viders  in  hot  pursuit  of  the 
“value-add”  dollars  being  vacu¬ 
umed  from  their  customers  by 
VoIP  service  providers  such  as 
Vonage,  it  was  no  surprise  to  see 
the  battle  make  its  way  to  the 
front  page  of  The  Wall  Street 
Journal  earlier  this  month. 

In  short,  a  regional  service 
provider  decided  —  apparently 
without  mentioning  it  to  cus¬ 
tomers  —  to  block  Vonage  calls 
from  traversing  its  network.  The 
FCC  came  to  the  rescue  and 
forced  the  service  provider  to 
remove  the  block.  Score  one  vic¬ 
tory  for  VoIP  service  providers, 


but  the  battle  has  just  begun. 

It’s  what  the  Israelis  would  call 
a  “balagan”  —  a  real  mess.  It 
might  not  be  Gaza  but  the 
prospects  for  peaceful  coexis¬ 
tence  are  probably  about  the 
same  —  at  least  in  the  short 
term. VoIP  service  providers  nat¬ 
urally  want  to  keep  the  status 
quo  and  are  calling  for  the 
industry  to  adopt  a  stance  of 
“net  neutrality,  “  which  tells  ser¬ 
vice  providers  to  keep  hands  off 
third-party  traffic. 

A  comment  in  the  aforemen¬ 
tioned  The  Wall  Street  Journal 
piece  does  a  fairly  good  job  of 
summing  up  the  issue.  In 
essence,  “If  they  want  to  use  my 
network,  they  need  to  pay  for  it,” 
according  to  a  CEO  from  an 
Internet  service  provider.  Well, 
aren’t  “they”  —  the  broadband 
customers  —  paying  to  use  the 
network?  I  doubt  they  signed  up 
for  a  package  that  restricted  the 
type  of  packets  or  traffic  that  can 


flow  across  it.  To  the  ISP  CEO,  of 
course,  “they”  are  the  likes  of 
Vonage,  which  charges  and  deliv¬ 
ers  a  service  to  a  common  cus¬ 
tomer  but  without  the  broad¬ 
band  service  provider  getting 
any  compensation. 

This  isn’t  the  first  time  that  at 
least  some  service  providers 
have  chosen  to  block  certain 
traffic.  A  few  years  ago,  our 
employees  in  New  Jersey  could 
reach  our  servers  via  Web  access 
but  couldn’t  get  their  VPN  con¬ 
nections  to  work.  After  contact¬ 
ing  the  cable  provider’s  techni¬ 
cal  support,  we  discovered  that 
because  they  had  signed  up  for 
the  default  “home”  service,  VPNs 
were  blocked.  The  rationale  was 
that  anyone  needing  such  func¬ 
tions  should  sign  up  for  the  more 
expensive  package  —  which 
basically  offered  nothing  more. 
Eventually,  the  cable  provider 
stopped  this  nonsense. 

Today,  the  technical  becomes 


the  political.  If  VoIP  service 
providers  can  convince  the  FCC 
to  mandate  net  neutrality  as  a 
requirement,  and  some  believe 
that  they  can,  they  will  neutralize 
service  providers  as  competi¬ 
tion.  But  the  story  of  net  neutrali¬ 
ty  would  just  be  a  fairy  tale.  Nice 
story,  but  not  reality. 

Service  providers  could  com¬ 
ply  with  the  letter  and  the  spirit 
of  any  such  regulation  while 
simultaneously  undermining  the 
VoIP  providers  to  the  benefit  of 
their  own  services.  Their  secret 
weapon?  Benign  neglect. 
Ultimately,  to  thwart  the  competi¬ 
tion,  all  you  have  to  do  is  ignore 
them  —  or  ignore  their  traffic. 

VoIP  quality  is  quite  vulnerable 
to  latency,  jitter  and  loss.  As  those 
metrics  degrade,  so  does  the 
conversation.  While  the  broad¬ 
band  service  provider  can  be 
certain  to  tune  its  own  brand  of 
VoIP  traffic,  it  can  easily  (and 
rightly)  let  the  Vonage  traffic  slip 


into  a  “best  effort”  category.  And, 
with  the  increasingly  sophisticat¬ 
ed  QoS  algorithms  around,  that 
could  mean  adding  just  enough 
latency  to  make  the  conversa¬ 
tion  borderline  bad.  Such  added 
latency  by  the  way,  would  likely 
be  unnoticed  by  Web  and  file 
transfer  users. 

So  does  this  mean  service 
providers  would  be  required  to 
file  their  traffic-shaping  parame¬ 
ters  with  the  FCC?  Given  that 
minutiae  are  their  specialty,  they 
would  probably  revel  in  having 
their  lawyers  become  certified 
network  engineers.  As  bizarre  as 
it  sounds,  though,  any  less  tech¬ 
nical,  less  precise  approach  to 
ensuring  net  neutrality  is  likely  to 
be  just  wishful  thinking. 

Tolly  is  president  of  The  Tolly 
Group,  a  strategic  consulting  and 
independent  testing  company  in 
Boca  Raton,  Fla.  He  can  he 
reached  at  ktolly@tolly.com. 


Sabre  SSL 


Nortel  VPN  gear  integrated  with  travel  network  giant  Sabre's  customer  portal 
simplifies  the  company’s  remote  access  network. 


Sabre  customer  site 


eTrust  SiteMinder 
MySabre  portal  single  sign-on 


Sabre  data  center 


B 

Sabre  servers 


ril 

I 


Nortel  SSL  VPN  gateway 


Q  Customer  desktops  host  SSL  and  MySabre  portal  software  that  connects  to  the  Sabre  network. 

Q  eTrust  SiteMinder  integrated  with  Nortel  SSL  VPN  gear  and  MySabre  portal  provides  a  single  sign-on  for 
customers  linking  to  Sabre  servers. 

B  The  Nortel  SSL  VPN  gear  proxies  links  to  Sabre  servers  via  the  portal,  presenting  customers  the  same 
screens  as  if  they  had  direct  connections. 


Sabre 

continued  from  page  17 

integrate  the  SSL  VPN  with  the  IPSec  VPN 
gear  that  would  remain  in  the  network, 
carried  the  day  for  Nortel. 

IPSec  doesn’t  go  away 

Some  Sabre  customer  sites  will  remain 
connected  by  IPSec  because  managing  a 
single  IPSec  device  at  a  large  location  re 
quires  less  work  than  managing  a  large 


number  of  users  with  SSL,  he  says.  Sabre  is 
considering  a  site  with  at  least  30  users  to 
be  a  candidate  for  IPSec  for  this  reason. 

In  an  effort  to  make  the  SSL  VPN  invisible 
to  end  users, Sabre  wanted  a  single  sign-on 
that  would  authenticate  users  to  the  VPN, 
as  well  as  MySabre.  That  meant  customiz¬ 
ing  the  interface  among  Netegrity  Site¬ 
Minder  authentication  platform,  the  VPN 
and  MySabre. 

MySabre  requires  a  three-factor  sign-on 
—  user  name,  password  and  a  pseudo-city 


code  —  but  off  the  shelf.  SiteMinder  can 
handle  only  two.  Customizing  code  and 
reconfiguring  the  Nortel  3050  VPN  gate¬ 
ways  enabled  SiteMinder  to  take  user  cre¬ 
dentials  once,  use  them  to  turn  up  the  VPN 
and  then  connect  to  the  portal  by  passing 
on  the  credentials  to  MySabre,  Miller  says. 

The  result  was  that  customers  had  to 
choose  “virtual  private  network”  as  the 
method  they  wanted  to  use  to  connect  to 
Sabre;  otherwise  use  of  Sabre  services  was 
unchanged  between  the  IPSec  VPN  and  the 
SSL  VPN,  Teel  says.  And  the  selection  of  the 
VPN  is  a  one-time  preference.  After  the  first 
time,  the  system  defaults  to  the  SSL  VPN. 

Sabre’s  SSL  transition  coincided  with  an 
upgrade  of  MySabre  software,  so  cus¬ 
tomers  were  prepared  for  a  bit  of  an  edu¬ 
cation,  Miller  says. 

The  SSL  VPN  brought  another  benefit. 
Before  using  SSL,  the  company  had  been 
using  HTTPS  to  connect  remote  users  to 
Sabre  56K  bit/sec  via  dial-up  Internet  con¬ 
nections.  Tunneling  the  Sabre-specific  pro¬ 
tocol  used  to  connect  to  Sabre’s  servers 
through  SSL  improved  performance  these 
users  experienced, Miller  says.“Imagine  that 
most  of  their  day  is  sitting  in  front  of  the  ter¬ 
minal  emulation  [screen]  trying  to  be  effi¬ 
cient.  The  agents  are  sitting  on  the  phone 
with  their  customers,  so  response  time  and 
performance  are  key  to  them,”  he  says. 

Overall,  the  switch  to  SSL  VPN  technolo¬ 
gy  has  served  Sabre  well.This  enables  our 
business  to  extend  to  our  customers,  give 
them  an  integrated  view  of  our  network 
without  too  much  work  for  us  to  do  at  the 
desktop  level, "Teel  says.  ■ 


Enira 

continued  from  page  17 
10  months. 

“We  rarely  use  it  but  it’s  not  the  quantity  of 
events  that’s  important,  it’s  the  quality  says 
Darren  Dworkin,  CTO  at  Boston  Medical 
Center. “Security  is  very  critical. 

“We  prefer  a  manual  intervention  because 
in  the  hospital  we  have  machines  storing 
patient  data  and  medical  devices  such  as 
MRI  machines  on  the  network,”  Dworkin 
says. 

The  hospital  uses  several  types  of  preven¬ 
tion,  including  firewalls  and  anti-virus,  but 
added  Network  Response  System  as  anoth¬ 
er  line  of  defense.  “I  can’t  stop  everything 
all  the  time,”  Dworkin  says.  “The  Enira  tool 
will  show  me  things  aren’t  right  and  help 
me  isolate  it.  It  might  simply  be  a  PC  mis¬ 
behaving.” 

The  Network  Response  System  is  used 
by  14  organizations,  including  the  U.S. 
Department  of  the  Interior,  the  Depart¬ 
ment  of  Transportation,  the  Department 
of  the  Treasury  and  the  Department  of 
Energy,  Tillmann  says.  This  level  of  inter¬ 
est  in  the  government  sector  reflects  the 
background  of  Enira’s  founder,  Chris  Key, 
who  for  several  years  has  been  an  IT  con¬ 
sultant  in  the  Washington,  D.C.,  area. 
Pricing  for  the  Network  Response  System 
ranges  from  $45,000  to  $395, 000. ■ 
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SPECIAL  FOCUS  asm.  ■ 

VoIP  rollouts  generate  heat,  power  concerns 


VoIP  heats  up 


Experts  recommend  Power  over  Ethernet  and  back-up  power  gear  in  wiring 
closets  when  deploying  VoIP,  in  order  to  support  voice  in  case  of  power 
failures.  But  the  added  gear  can  bring  electrical  and  cooling  problems. 


IP  PBX 


A  PoE  switch  can  draw  three  to  four  times  as  much 
power  as  a  traditional  LAN  switch,  requiring  power 
source  upgrades  or  additional  AC  in  closets. 


•••• 

•••• 

•••• 

•••• 


UPSs  attached  to  PoE  switches 
add  to  the  heat  equation,  sometimes 
as  much  as  running  a  second  switch 
in  the  wiring  closet. 


PoE-powered  IP  phones 


BY  PHIL  HOCHMUTH 

hings  are  about  to  heat  up  at 
Charter  Steel.  We’re  not  talking 
smelters  here,  but  network  wiring 
closets. 

Over  the  next  few  months,  the  company 
plans  to  roll  out  hundreds  of  IP  phones 
to  corporate  desktops,  with  Power  over 
Ethernet  (PoE)  switches  to  run  electricity 
to  the  devices.  The  company  recently 
upgraded  its  Avaya  Definity  phone 
switch  to  a  network  of  Avaya  S8700  IP 
PBXs,  which  are  tied  together  over  IPThis 
is  where  things  could  get  hot,  says  Peter 
Schwei,  telecom  manager  for  the 
Saukville.Wis.,  steel  company. 

As  the  company  consolidated  its  data 
center  and  voice  technology,  it  installed 
new  facilities  that  also  provide  the  cool¬ 
ing  needs  for  the  new  gear.  But  wiring 
closet  environmental  needs  will  have  to 
be  dealt  with  as  the  company  switches 
from  TDM-based  handsets  to  IP  phones. 

Schwei  says  rolling  out  IP  to  desktops 
could  pose  the  same  problems  facing 
local  broadband  providers.Ht’s  the  issues 
in  the  last  mile,  so  to  speak,  that  might  get 
us,”  he  says.  The  need  to  increase  electri¬ 
cal  feeds  to  wiring  closets  to  support  PoE, 
and  the  additional  cooling  systems 
required  to  keep  gear  from  overheating, 
are  now  becoming  more  obvious  as 
Charter  Steel’s  VoIP  deployment  moves 
forward. 

“Those  are  issues  we  will  have  to  deal 
with  at  our  distribution  layer,”  Schwei 
says.  “It’s  like  cleaning  out  your  sock 
drawer. You  just  have  to  do  it.” 

In  the  heat  of  the  night 

Businesses  installing  widespread  PoE 
gear  for  IP  telephony  or  Wi-Fi  access 
point  deployments  are  finding  the  extra 
electricity  that  PoE  gear  can  draw,  and 
the  additional  heat  the  devices  generate 
as  a  result,  are  factors  that  need  to  be 
taken  into  account. 

It’s  a  simple  concept,  experts  say:  Where 
there  are  electronics,  there  is  electricity, 
which  produces  heat.  Turn  up  the  juice, 
and  things  get  hotter. 

With  the  deployment  of  PoE,  the  heat 
loads  of  telecom  equipment  migrates 
from  a  centralized  telephone  closet  or 
electrical  closet  out  to  the  distribution 
layer  of  the  LAN. 

“If  you  have  thousands  of  phones  and 
have  multiple  PoE  switches,  that  can 
draw  three  to  four  times  the  power  draw, 


and  subsequent  heat  output,”  says  Dave 
Story,  enterprise  power  specialist  for 
CDW,  which  sells  IT  products  and  pro¬ 
vides  consulting  services. 

In  the  past,  Story  says,  most  businesses 
installed  critical  air-conditioning  systems 
for  phone  and  server  rooms,  and  that  was 
about  it.  Now  companies  moving  to  VoIP 
and  PoE  technologies  must  consider 
cooling  requirements  for  every  space  in 
a  building  where  a  LAN  switch  might 
reside  —  wiring  closets  and  other  nooks 
and  crannies. 

If  stacks  of  PoE  switches  are  replacing 
older  LAN  gear,  not  only  is  cooling  a  con¬ 
cern  but  increasing  power  feeds  to 
wiring  closets  must  also  be  factored  in. 

Often  when  you  deploy  core  switches 
that  provide  PoE,  new  power  supplies  in 
the  switch  require  new  wiring. 

“A  lot  of  these  boxes  are  not  using  a 
three-prong  outlet,”  he  says.  This  is  more 
along  the  lines  of  electric  dryer  outlets. 

Power  management 

Switches  are  getting  better  at  managing 
how  they  distribute  power,  says  Roen 
Heldman,  vice  president  of  product  man¬ 
agement  for  PbwerDsine,  a  supplier  of  FbE 
components  to  LAN  switch  makers,  such 
as  Cisco  and  Foundry  Networks.  “It 
depends  on  the  number  of  ports  and  the 
technique  of  power  management  that  is 
used  in  the  switch.” 

A  typical  switch  is  70  to  100  watts, 
Heldman  says.  A  switch  with  PoE  can  add 
200  to  700  watts,  depending  on  how  it  is 
implemented.  Heldman  says  that  if  a  PoE 
switch  drives  out  300  watts  of  power,  and 
its  efficiency  is  75%,  then:  300/75  =  120. 
That  120  watts  equals  360  BTUs  per  hour 
of  extra  heat  that  has  to  dissipate  in  the 
communications  room  or  wiring  closet. 

The  IEEE  803.3af  standard  for  PoE  spec¬ 
ifies  15.4  watts  of  power.  But  most  switch¬ 
es  aren’t  built  to  blast  out  that  much  elec¬ 
tricity  on  all  ports,  Heldman  says. 
PowerDsine  and  other  PoE  gear  makers 
build  power  management  features  into 
their  products  that  distribute  only  the 
power  needed  to  endpoint  devices.  For 
example,  most  IP  phones  require  from 
eight  to  12  watts  of  power,  Heldman  says. 
Also,  most  typical  PoE  switch  deploy¬ 
ments  do  not  have  every  port  powering 
an  end  device. 

In  VoIP  deployments,  Heldman  says,  the 
extra  heat  dissipation  of  PoE  switches 
must  be  added  to  the  heat  dissipation 


from  additional  UPSs. 

Heldman  says  most  UPSs  are  AC,  which 
run  hot  because  they  convert  their 
power  streams  from  DC.  But  DC  UPSs  are 
something  that  should  be  looked  at 
down  the  line,  he  says,  especially  if  firms 
must  dramatically  increase  the  amount 
of  UPSs  installed  to  support  VoIP-enabled 
switches  in  wiring  closets. 

“Today,  most  DC  input  is  only  used  in 
the  telecom  and  service  provider  mar¬ 
kets,”  Heldman  says.  “My  expectation  is 
that  in  the  future,  more  devices  in  com¬ 
munications  and  in  data  centers  will  go 
to  DC,”  Heldman  says.  “But  the  practical 
issue  is  that  most  devices  today  use  only 
AC.  So  even  though  theoretically  DC  may 
be  the  more  effective  waj(  it  is  less-wide- 
ly  used. 

Whatever  UPS  technology  is  deployed 
in  wiring  closets,  skimping  on  this  gear 
could  cause  issues,  CDW’s  Story  says. 

Power  problems 

Most  desktop  UPSs  provide  limited 
clean  power,  but  can  introduce  delays 
during  a  switchover  when  blackouts 
occur,  which  could  disrupt  latent-sensi¬ 
tive  VoIP  traffic.  Higher-end  power  sup¬ 
plies  that  provide  “double  conversion” 
power  conditioning  —  larger  ones  that 
are  aimed  at  server  backups  —  are  more 
suited  for  wiring  closet  deployments 


where  mission-critical  VoIP  PoE  gear  is 
running. 

There  are  even  more  UPS  considera¬ 
tions  for  sites  that  have  their  own  genera¬ 
tors,  such  as  hospitals,  schools  and  pub¬ 
lic  safety  facilities,  Story  says. 

“There  are  UPSs  that  are  generator 
friendly  and  ones  that  are  not,”  he  says. 
Most  generators  produced  “dirty  power,” 
which  means  the  voltage  can  fluctuate 
and  is  inconsistent. 

“For  mechanical  equipment,  such  as 
elevators,  this  is  OK.  But  for  power-sensi¬ 
tive  equipment,  like  electronics,  this  may 
cause  problems.  In  extreme  cases, such  as 
with  Ethernet  switches,  this  could  result 
in  packet  loss.  On  VoIP  gear,  this  could 
also  result  in  noise  and  interference  on 
connections.  ■ 
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ENTERPRISE  COMPUTING 
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Novell  gussies  up  management  suite 


A  closer  look  at  ZENworks  7 

Novell's  upgraded  management  software  can  be  used  to  identify, 
manage  and  deploy  Linux,  NetWare  and  Windows  servers  and 
workstations  from 


From  the  ZENworks  control  center,  IT  administrators  can  Software  inventories  can 

inventory  the  workstations  and  servers  on  the  network.  be  managed  from  here. 


Administrators  can  identifty  the  type  of  server  inventoried, 
the  operating  system  it  is  running  and  its  IP  address. 


Microsoft’s  Systems  Management  Server.  ZENworks  7  starts  at  $130  per  user.  Each 
Unlike  these  packages,  ZENworks  runs  on  module  can  be  bought  separately  for  prices 
NetWare,  Linux  and  Windows  servers.  ranging  from  $  1 8  to  $69  per  user.  ■ 


Platform  Solutions  peddles  mainframe 


BY  DENI  CONNOR 

Novell,  continuing  to  push  hard  on  its 
open  source  agenda,  last  week  announced 
an  upgrade  to  its  management  suite  that 
includes  improved  Linux  support. 

The  company’s  ZENworks  7  Suite  now 
has  the  ability  to  manage  Windows,  Net¬ 
Ware  and  Linux  workstations,  and  servers 
from  a  Linux  server.  The  new  Linux  Man¬ 
agement  module  initially  runs  on  Novell’s 
SuSE  Linux  Enterprise  Servers,  though  it 
can  be  used  to  manage  Red  Hat  Linux 
servers  and  workstations. 

Since  many  Linux  and  Unix  administra¬ 
tors  are  accustomed  to  managing  from  the 
command  line  and  shell  scripts  rather  than 
a  Web-based  interface,  the  module 
includes  a  command  line  interface  that 
offers  full  functional  parity  Novell  says. 


Short  Takes 


■  Univa,  a  Chicago  start-up  that 
offers  products  and  services  based 
on  the  Globus  open  source  grid  tech¬ 
nology,  has  received  $8  million  in  first- 
round  funding.  Arch  Venture  Partners 
and  New  World  Ventures  led  the 
financing  round.  Univa  says  it  will  use 
the  funds  to  accelerate  product  devel¬ 
opment  and  boost  its  marketing  and 
sales  teams. 

I  Google  has  improved  its  Google 
Desktop  PC  and  Web  search  applica¬ 
tion  by  adding  a  panel  that  provides 
information  from  a  variety  of  sources. 
Google  Desktop  2.0,  which  is  in  beta, 
includes  a  feature  called  Sidebar  that 
gives  users  access  to  e-mail,  news, 
weather,  photos,  stocks  and  syndicat¬ 
ed  Web  site  feeds.  Other  new  features 
are  Quick  Find,  which  lets  users  search 
for  files  and  applications  by  typing  only 
part  of  a  name,  and  a  toolbar  that  lets 
Microsoft’s  Outlook  e-mail  users 
search  messages  and  review  results 
within  Outlook.  The  free  application 
runs  on  Windows  XP  and  Windows 
2000  Service  Pack  3  and  above,  and 
can  be  downloaded  from  www.net- 
workworld.com,  DocFinder:  8631. 


ZENworks  lets  IT  professionals  automate 
the  provisioning  and  installation  of  soft¬ 
ware,  patches  and  applications  on  servers 
and  desktops.  It  also  performs  inventories 
of  devices  on  the  network  and  lets  IT  dis¬ 
tribute  content  and  report  on  manage¬ 
ment  operations.  The  suite  includes  mod¬ 
ules  for  desktop,  server,  handheld,  patch 
and  inventory  management. 

In  addition  to  the  extended  Linux  sup¬ 
port,  Novell’s  follow-on  to  ZENworks  6.5 
adds  support  for  Novell’s  Open  Enterprise 
Server,  a  combined  NetWare  and  Linux 
offering.  The  package  also  adds  support 
for  Novell’s  eDirectory  and  Microsoft’s 
Active  Directory  technologies. 

Also  new  are  Macintosh  inventory  capa¬ 
bilities,  plus  patch  management  support 
for  Macintosh,  AIX,  HP-UX,  AIX,  Solaris  and 
VMware  environments. 

Beta  user  Brad  Staupp, senior  support  ana¬ 
lyst  at  Johnson  County  Community  College 
in  Overland  Park,  Kan.,  has  been  relying  on 
ZENworks  7  Suite  to  manage  more  than 
3,000  workstations. 

“We  use  ZENworks  for  just  about  every¬ 
thing  —  creating  applications,  policy- 
based  management,  pushing  out  printers,” 
he  says. 

Staupp  has  a  mix  of  NetWare  6.5,  Open 
Enterprise  Server  and  Windows  servers.  All 
of  his  workstations  are  Windows-based. 

ZENworks  debuted  seven  years  ago,  and 
Novell  says  that  it  is  used  to  manage  more 
than  40  million  desktops  and  servers. 

The  suite  competes  with  Altiris’ Server,  and 


BY  JENNIFER  MEARS 

IBM  has  dominated  the  mainframe  mar¬ 
ket  for  years,  but  a  group  of  ex-Amdahl 
engineers  is  preparing  to  shake  things  up 
with  an  Itanium  2-based  system  that  ana¬ 
lysts  say  could  change  the  mainframe 
landscape  by  providing  end  users  —  a 
more  cost-effective  option  for  important 
workloads. 

“These  guys  are  pretty  clever  and  they’ve 
really  thought  about  what  it  would  take  to 
compete  against  a  giant  like  IBM’’  says 
Mike  Kahn,  managing  director  of  The 
Clipper  Group.“Their  story  is  a  mix  of  com¬ 
modity  processor  and  commodity  pricing 


with  the  ability  to  run  z/OS  workloads  with 
traditional  Intel  workloads  of  Windows  or 
Linux  on  the  same  computer.  .  .  .  More 
important  than  anything  else,  customers 
are  looking  for  choice  and  this  brings  them 
another  choice.” 

Platform  Solutions  was  founded  in  1999 
by  a  core  team  of  Amdahl  engineers.  Its  ini¬ 
tial  funding  of  more  than  $10  million  in 
2003  came  from  a  group  of  investors  that 
included  Intel  Capital  and  Fujitsu. 
Subsequent  funding  has  come  from  the 
likes  of  Goldman  Sachs.  Its  management 
team  also  consists  of  executives  with  long 
histories  at  IBM. 


The  company  shipped  its  first  plug-com¬ 
patible  mainframe  to  beta  customer  L.L. 
Bean  in  March.  The  system’s  key  feature  is 
that  it  can  run  IBM’s  z/OS,  MVS  and  s/390 
operating  systems,  as  well  as  Unix,  Linux 
and  Windows,  all  natively  In  addition, 
because  it  is  built  on  industry-standard 
hardware,  the  system  will  be  priced  “at  a  sig¬ 
nificant  discount,  compared  with  IBM,” says 
Michael  Maulik,  Platform  Solutions’  presi¬ 
dent  and  CEO. 

The  vendor  plans  to  begin  shipping  a 
four-way  system  by  the  beginning  of 
October  and  plans  general  release  of  a  32- 
way  machine  at  the  start  of  next  year.  ■ 
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Short  Takes 


■  IBM/Lotus  last  week  released  a 
development  tool  designed  to  be  the 
bridge  to  carry  a  legion  of  Lotus 
Notes  users  and  developers  onto  the 
company's  new  Java  2  Platform 
Enterprise  Edition-based  platform. 
The  Workplace  Designer  2.5  is  a 
script-based  rapid  application  devel¬ 
opment  tool  for  creating  application 
components  for  the  WebSphere  or 
Workplace  platforms.  The  software 
represents  a  major  milestone  in 
terms  of  development  tools  in  the 
merger  of  the  Domino  and  Workplace 
collaboration  environments. 
Workplace  Designer  is  based  on 
Eclipse,  an  open  source  framework 
for  development  tools,  and  includes 
form  and  view  creation,  scripting, 
debugging,  workflow  and  other  fea¬ 
tures  to  build  components  that  run  on 
Workplace  Collaboration  Services  2.5 
and  Workplace  Collaboration 
Services  Express  2.5.  Both  are  J2EE- 
based  collaboration  platforms  for 
deploying  pre-built,  reusable  collabo¬ 
ration  services  such  as  e-mail  and 
calendars.  A  future  client  IBM/Lotus 
announced  earlier  this  year  will  oper¬ 
ate  as  a  component  within  the  WCT 
framework  and  support  applications 
developed  with  Workplace  Designer. 
IBM  Workplace  Designer  costs  about 
$650  per  user, 

■  BEA  Systems  last  week  upgraded 
its  WebLogic  Integration  software. 
WebLogic  Integration  8.5  features 
support  for  the  Business  Process 
Execution  Language  for  Web  Services 
1.1  specification.  Users  can  develop 
business  processes  and  export  them 
as  BPEL  processes.  Moreover,  BPEL 
processes  from  other  tools  can  be 
imported  into  WebLogic  Integration 
8.5.  Version  8.5  also  supports  new 
business  process  tools  from  vendors 
such  as  ProActivity  and  Popkin 
Software.  The  package  now  also  inte¬ 
grates  with  HP’s  OpenView  and 
BMC’s  Software  Business  Service 
Management  network-management 
consoles  so  users  can  centrally  man¬ 
age  the  package.  WebLogic 
Integration  8.5  is  available  for  $62,000 
per  CPU. 


Open  source  databases  grow 


BY  JENNIFER  MEARS 

Like  many  companies,  National  Semi¬ 
conductor  is  looking  for  ways  to  cut  costs 
and  has  Linux  and  open  source  high  on  its 
list.  While  the  Santa  Clara,  Calif.,  company 
already  is  making  the  move  to  Linux,  the 
big  project  this  year  is  to  take  a  close  look 
at  open  source  databases  to  figure  out 
where  less-expensive  data  management 
products  could  fit  in  its  infrastructure. 

“We  looked  at  MySQL  last  year  as  far  as 
software  relief  in  concert  with  our  leverag¬ 
ing  Linux  hardware  —  to  be  able  to  move  a 
class  of  database  applications  from  IBM 
hardware  to  Intel  hardware,” says  Ulrich  Seif, 
National  Semiconductor’s  CIO. 

The  company  also  considered  Fbstgre- 
SQL  and  has  a  few  small  applications  run¬ 
ning  on  that  open  source  database. 

“The  project  this  year  is  to  take  a  serious 
look  at  an  open  source  database  road  map 
and  how  it  could  be  successfully  deployed 
here  as  a  second-tier  database”  environ¬ 
ment,  Seif  says. 


Freeing  the  database 


For  those  corporations  sold  on  Linux,  some  are  looking  at  how  they  can  use 
open  source  to  fill  database  needs.  Here’s  a  product  sampler: 


Database 

Description 

What's  new 

MySQL 

SQL-compliant 

Supported  by  LIP,  Dell  and  Novell 

PostgreSQL 

SQL-compliant,  object-relational 
database 

A  handful  of  companies  -  including  EnterpriseDB 
(which  won  the  best  database  award  at  LinuxWorld), 
Pervasive  Software  and  GreenPlum  -  have  emerged 
to  provide  support. 

Apache  Derby 

Apache  Foundation's  Java-based 
database 

IBM  donated  the  Derby  code  last  year,  but  still 
supports  a  commercial  version  called  Cloudscape. 
Apache  Derby  shipped  its  first  version  earlier  this 
month.  Sun  is  supporting  it. 

Ingres 

SQL-compliant  relational  database 

Computer  Associates  open  sourced  Ingres  in  2004 

Berkeley  DB 

Versions  support  Java  and  XML 

Supported  by  Sleepycat  Software 

National  Semiconductor  is  not  alone. 
While  open  source  databases  are  nothing 
new  —  Postgres,  for  example,  has  been 
around  for  20  years,  and  MySQL  celebrat¬ 


LANDesk  revamps 
mgmt  software  suites 


BY  DENISE  DUBIE 

LANDesk  this  week  is  set  to  unveil 
upgrades  for  its  systems  management  soft¬ 
ware  suites  that  are  designed  to  help  cus¬ 
tomers  secure  remote  access  and  manage 
servers  when  their  networks  are  down. 

LANDesk  Security  Suite  8.6  software 
includes  a  feature  called  Trusted  Access 
that  will  let  the  software  scan  devices  such 
as  desktops  and  laptops  requesting  access 
to  the  network  for  viruses  and  patch  status, 
for  example.  If  the  device  doesn’t  meet  all 
the  required  criteria,  LANDesk  software  will 
block  access.  The  software  also  can  apply 
patches  or  upgrade  the  software  on  the 
device  to  meet  compliance  policies  and 
then  allow  access  without  impacting  the 
user  attempting  to  log  on,  the  company 
says. 

Jeff  Hance,  systems  engineer  at  Hughes 
Supply  in  Orlando,  Fla.,  is  testing  the  latest 
releases  of  the  security  suite,  as  well  as 
LANDesk  Management  Suite  8.6.  He  says 
the  network  access  control  feature  address¬ 


es  an  “ever-growing  concern  in  our  world.” 
He  is  responsible  for  keeping  more  than 
7,800  distributed  and  remote  workstations 
up  to  date  on  Microsoft  patches.  He  has 
used  LANDesk  software  for  the  past  three 
years  to  inventory  machines  for  specific 
applications,  push  out  security  updates  and 
connect  to  remote  machines  for  trou¬ 
bleshooting. 

“We  have  grown  dramatically  in  the  last 
few  years,  and  we  need  a  way  to  control  the 
spread  of  viruses  to  vulnerable  machines,” 
he  says. ‘And  [we  need]  a  way  to  push  cus¬ 
tom  applications  needed  for  business  with¬ 
out  having  to  install  manually  on  all 
machines.” 

Like  competitors  Altiris,  Computer 
Associates,  Microsoft,  Novell  and  Symantec, 
LANDesk  addresses  management  across 
desktops,  servers  and  security  devices  with 
its  product  suite.  This  week  the  company 
also  added  capabilities  to  its  management 
suite  that  will  help  IT  managers  connect  to 
See  LANDesk,  page  22 


ed  its  10th  anniversary  in  April  —  the  pro¬ 
jects  are  getting  more  enterprise-level  fea¬ 
tures.  And  corporate  customers  in  grow¬ 
ing  numbers  are  looking  at  low-cost  alter¬ 
natives  to  hefty,  expensive  proprietary 
database  products. 

Momentum  around  open  source  alterna¬ 
tives  is  swelling,  with  a  number  of  develop¬ 
ments  in  recent  months  illustrating  the  mar¬ 
ket’s  growing  maturity  Consider  that  Novell, 
Dell  and  HP  all  now  sell  MySQLs  database 
products  and  support  services. 

Earlier  this  month,  the  Apache  Foundation 
released  its  first  version  of  Apache  Derby  the 
Cloudscape  database  that  IBM  contributed 
to  the  open  source  community  last  year.  As 
for  Fbstgres,  a  number  of  companies  have 
recently  emerged  to  provide  support  for 
PostgreSQL.  One  of  those  companies, 
EnterpriseDB,  came  out  of  stealth  mode 
May  23  and  hit  the  ground  running,  winning 
“Best  Database  Solution”  at  LinuxWorld  ear¬ 
lier  this  month,  edging  out  IBM,  MySQL  and 
Oracle.  It  announced  general  availability  of 
its  open  source-based  relational  database 
management  systems  Enterprise  DB  2005 
earlier  this  month. 

Meanwhile,  MySQL  in  February  launched 
its  subscription-based  MySQL  Network  to 
provide  comprehensive  support  and  spur 
corporate  deployments.  It  already  has 
Sabre  Holdings,  Continental  Airlines  and 
DaimlerChrysler  on  its  lengthy  customer 
list.  Sleepycat  Software  last  week 
announced  that  General  Dynamics  C4 
Systems,  a  business  unit  of  General 
See  Database,  page  22 
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Who  controls  the  'Net? 


NET  INSIDER 

Scott  Bradner 


From  what  I  read,  being 
addicted  to  gambling  is  not  a 
cheap  date.  What  I  have  seen  in 
Las  Vegas  confirms  this.  If  bil- 
lion-dollar  hotels  can  be  paid 
off  in  a  few  years  using  just  the 
house  part  of  the  cash  flow, 
there  has  to  be  a  lot  of  money 
in  this  picture. 

In  the  future,  fewer  of  the 
hotels  might  be  needed  because 
their  patrons  can  telecommute. 
Internet  gambling  is  a  big  deal 
and  getting  bigger  in  spite  of  the 
efforts  of  a  lot  of  people  to 


squash  it.While  gambling  propo¬ 
nents  (for  example  Roy  Cooke 
at  www.networkworld.com,  Doc- 
Finder:  8627)  say  there  are  no 
federal  laws  that  specifically  out¬ 
law  Internet  gambling,  the  U.S. 
Department  of  Justice  says  that 
the  1961  Wire  Act  (DocFinder: 
8628)  applies  to  the  Internet  and 
outlaws  Internet  gambling. 

But  this  column  is  not  about 
the  legality  or  illegality  of 
Internet  gambling  in  the  U.S., 
nor  is  it  about  the  impact  of  gam¬ 
bling  on  tax  revenues  or  society 
It  is  about  a  funny  battle  the  U.S. 
has  gotten  into  with  a  minuscule 
Caribbean  nation  over  Internet 
gambling  and  the  implications 
of  the  precedent  that  this  battle 
might  create.  Antigua  and 
Barbuda,  a  nation  comprising  a 
pair  of  Caribbean  islands  with  a 
combined  area  about  2.5  times 


that  of  Washington,  D.C.,  and  a 
population  of  about  68,000, 
decided  a  while  back  to  invest 
in  Internet  casinos  as  a  way  to 
augment  the  tourist  trade. 
Imagine  their  annoyance  when 
the  U.S.  government  tried  to  pro¬ 
hibit  U.S.  residents  from  partak¬ 
ing  of  their  “gambling  and  bet¬ 
ting  services.” 

Antigua  and  Barbuda  did  what 
any  law-abiding  country  should 
do  in  cases  like  this:  It  appealed 
to  the  World  Trade  Organization 
(WTO).  The  WTO  ruled  in  April 
that  the  U.S.  could  not  just  out¬ 
law  access  to  Internet  gambling 
(DocFinder:  8629)  and  earlier 
this  month  ruled  that  the  U.S.  has 
until  next  April  to  mend  its  ways 
(DocFinder:  8630). 

The  WTO  basically  said  that 
the  U.S.  could  not  block  its  resi¬ 
dents  from  using  Internet-based 


companies  offering  services  that 
are  perfectly  legal  in  the  service 
provider’s  own  country.  There 
are  some  exceptions,  but  the 
WTO  said  that  Internet  gambling 
was  not  one  of  them. 

This  ruling  establishes  that  the 
U.S.  cannot  unilaterally  control 
what  people  can  use  the 
Internet  for,  even  U.S.  residents 
using  the  Internet  from  within 
this  country. This  is  certainly  not 
going  to  go  over  well  with  those 
people  in  Congress  or  other 
parts  of  government  who  think 
the  U.S.  should  own  the  Internet 
because  “we  built  it.” 

In  this  case,  the  U.S.  told  the 
WTO  that  the  country  would 
comply  with  the  organization’s 
ruling  but  would  not  “ask 
Congress  to  weaken  U.S.  restric¬ 
tions  on  Internet  gambling.” 
Seems  to  be  a  tricky  balance  to 


me.  It’s  not  just  the  WTO  that  is 
telling  the  U.S.  that  it  cannot  con¬ 
trol  the  ’Net  by  itself.  The  final 
report  of  the  United  Nations’ 
Working  Group  on  Internet 
Governance  does  the  same.  This 
report  will  go  to  the  World 
Summit  on  the  Information 
Society  later  this  year,  which  is 
likely  to  agree.  The  next  few 
months  will  be  interesting  on 
the  Internet  governance  front, 
and  I  expect  to  return  to  the 
topic  from  time  to  time. 

Disclaimer:  There  are  multiple 
groups  at  Harvard  that  deeply 
ponder  Internet  governance 
issues,  but  the  above  observation 
is  my  own. 

Bradner  is  a  consultant  with 
Harvard  University’s  University 
Information  Systems.  He  can  be 
reached  at  sob@sobco.com. 


Open  source  minded 

The  open  source  slice  of  the 
database  management  system  market 
will  grow  to  more  than 

$1  billion 

by  2008,  according  to  Forrester 
Research. 


going  to  ever  expire.  So  grow  into  it  at  your 
own  pace,”  he  says. 

IBM,  Oracle  and  Microsoft  downplay  any 
heat  they  might  be  feeling  from  open 
source  databases,  but  it’s  clear  that  the 
adoption  of  open  source  —  and  open 
source  databases  —  is  growing.  Forrester 
estimates  that  the  market  for  open  source 


databases  last  year  was  about  $120  mil¬ 
lion,  just  a  fraction  of  the  overall  $10  bil¬ 
lion  DBMS  market. 

A  Forrester  survey  this  year  of  95  IT  exec¬ 
utives  using  or  planning  to  use  Linux  or 
open  source  in  the  next  12  months  found 
that  more  than  half  already  are  using 
MySQL. 

Still,  in  most  cases  the  open  source  data¬ 
base  isn’t  supporting  the  most  critical 
applications,  analysts  say 

“Right  now,  except  for  specialized 
application  domains,  the  open  source 
database  isn’t  really  competing  for  the 
heart  of  the  enterprise  with  IBM, 
Microsoft  and  Oracle,”  says  Peter  O’Kelly, 
senior  analyst  at  Burton  Group.  “Those 
three  vendors  control  more  than  85%  of 
the  revenue  opportunity  for  commercial 
DBMS."* 


Database 

continued  from  page  21 

Dynamics,  has  deployed  its  Berkeley  DB 
Java  Edition  to  support  a  visualization 
and  collaboration  tool  used  by  the  U.S. 
military. 

“We  have  been  getting  an  increasing 
number  of  inquiries  about  [open  source 
databases]  from  clients  who  are  looking  to 
somehow  reduce  their  IT  costs,”  says 
Michael  Goulde,  a  senior  analyst  at 
Forrester  Research.“They  are  taking  a  look 
at  where  there  might  be  commodity  tech¬ 
nologies  that  could  replace  the  current 
technologies  that  they’re  paying  a  lot  of 
money  for  —  a  database  is  certainly  one 
of  those.” 

Indeed,  with  SQL  and  other  database 
standards  firmly  entrenched,  there  is  a  per¬ 
fect  opportunity  for  open  source  database 
projects  to  create  products  that  easily  fit 
into  corporate  infrastructures.  Open 
source  databases  might  not  provide  all  the 
bells  and  whistles  of  an  Oracle  or  IBM 
database,  but  analysts  point  out  that  in 
many  cases  customers  running  propri¬ 
etary  systems  are  paying  for  more  features 
than  they  need. 

“Databases  are  becoming  a  commodity, 
with  fewer  enterprises  demanding 
advanced  database  features,”  Forrester 
analyst  Noel  Yuhanna  wrote  in  a 
December  2004  report  titled  “Open 
Source  Databases  Come  of  Age.” “We  esti¬ 
mate  that  the  majority  of  advanced  fea¬ 
tures  offered  by  commercial  DBMS  prod¬ 
ucts  are  hardly  used  by  enterprises;  they 
are  sometimes  needed,  but  they  aren’t 
required  for  many  projects.” 

At  National  Semiconductor,  for  example, 


Seif  recently  migrated  from  Sybase  to 
Oracle  but  realized  that  not  all  applica¬ 
tions  need  all  the  features  of  the  high-end 
Oracle  database. 

“Every  customer  has  smaller,  non-critical 
databases  and  they  have  been  throwing 
these  in  with  their  high-end  database  solu¬ 
tion,  where  their  expertise  and  support 
resides,”  he  says. 

When  considering  open  source  databas¬ 
es,  questions  arise  about  the  ease  of 
migrating  applications,  the  level  of  per¬ 
formance  and  where  support  will  come 
from,  users  say 

“If  you’re  moving  from  an  existing  pro¬ 
prietary  database,  you  have  to  examine 
the  type  of  application  carefully  says 
Corey  Ostman,  director  of  new  technology 
initiatives  at  PriceGrabber.com. 

The  Culver  City,  Calif.,  company  has 
used  MySQL  since  it  launched  in  1999. 
Ostman  says  the  company  also  consid¬ 
ered  Oracle  but  decided  that  perfor¬ 
mance  and  support  were  better  with 
MySQL. 

“A  simple,  read-only  application  can  gen¬ 
erally  be  ported  to  a  new  database  with¬ 
out  much  hassle,”  Ostman  says.  “A  more 
complicated,  read/write  transactional 
database  may  rely  on  proprietary  data¬ 
base  extensions  and  might  require  more 
work.” 

Noel  Proffitt,  senior  information  systems 
analyst  at  the  city  of  Garden  Grove,  Calif., 
says  the  key  to  a  successful  deployment  is 
to  start  small. 

Garden  Grove  has  been  using  Bostgre- 
SQL  since  early  2002,  and  most  new  appli¬ 
cations  use  the  open  source  database. 

“Download  FbstgreSQL  and  play  with  it. 
You  won’t  get  any  sales  calls;  no  license  is 


LANDesk 

continued  from  page  21 

remote  machines,  even  if  the  network  is 
down.  LANDesk’s  Management  Suite, 
which  includes  asset,  inventory  and  con¬ 
figuration  management  applications, 
runs  on  Windows  servers  and  clients,  and 
consists  of  server  software  and  distrib¬ 
uted  agents. 

Version  8.6  includes  a  feature  dubbed  the 
Management  Gateway  which  lets  IT  man¬ 
agers  connect  to  remote  machines  loaded 
with  LANDesk  agents  via  the  Internet  to 
perform  out-of-band  discovery  and  remote¬ 
ly  fix  systems  even  if  they  have  completely 
shut  down,  the  company  says. The  manage¬ 
ment  suite  and  LANDesk  Server  Manager 
8.6  have  also  been  upgraded  to  work  with 


Intel’s  Active  Management  Technology. 
LANDesk  software  is  being  embedded  on 
Intel  hardware  and  will  enable  manage¬ 
ment  of  devices  in  “complete  lights-out  sce¬ 
narios,"  LANDesk  says. 

“Our  software  will  take  advantage  of  the 
manageability  the  hardware  vendors  are 
building  into  their  machines,”  says  Dave 
Taylor,  vice  president  of  marketing.  The 
company  also  announced  a  similar  agree¬ 
ment  with  Lenovo  to  embed  LANDesk 
technology  on  Lenovo  devices.  Lenovo 
acquired  the  PC  division  from  IBM  earlier 
this  year. 

LANDesk  Security  Suite  8.6  costs  about 
$60  per  node.  LANDesk  Management 
Suite  8.6  costs  about  $90  per  node. 
LANDesk  Server  Manager  costs  about 
$300  per  server.  ■ 
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Short  Takes 


■  The  WiMax  Forum  this  week 
should  finish  validating  its  system  for 
certification  testing,  a  senior  official 
says,  referring  to  the  latest  milestone 
on  the  road  to  a  broadband  fixed  wire¬ 
less  technology  that  at  times  has  suf¬ 
fered  from  overly  optimistic  expecta¬ 
tions.  Some  vendors  already  have 
products  at  the  Cetecom  lab  in 
Malaga,  Spain,  where  certification  will 
take  place,  but  the  past  few  weeks 
have  been  taken  up  by  validating  the 
test  scripts  and  equipment,  along  with 
informal  testing,  says  Gordon 
Antonello,  senior  technical  advisor  at 
Wi-LAN  and  chairman  of  the  WiMax 
Forum  Technical  Working  Group.  The 
forum  expects  formal  testing  to  begin 
in  October  and  it  hopes  to  have  the 
first  products  certified  before  year- 
end.  The  form  of  WiMax  heading  into 
testing  now  is  based  on  the  IEEE 
802.16-2004  specification  and  designed 
for  services  to  fixed  clients.  Key  appli¬ 
cations  are  expected  to  be  wireless 
network  backhaul  and  alternatives  to 
DSL  and  cable  modem  services.  The 
standard  for  mobile  WiMax,  called 
IEEE  802.16e,  should  be  completed  by 
November,  according  to  Antonello. 

■  Sprint  last  week  announced  its 
Precision  Locator  service,  which  is 
designed  to  help  businesses  track 
fleets  and  mobile  workers.  The  Web- 
based  application  service  lets  fleet  or 
mobile  worker  supervisors  zoom  in  on 
maps  that  show  where  workers  are 
located,  includes  reporting  and  sched¬ 
uling  tools,  and  enables  text  messag¬ 
ing.  The  offering  starts  at  $20  per 
user,  per  month.  The  service  requires 
GPS-enabled  phones  with  wireless 
service  on  Sprint’s  network. 
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Vanco  making  its  mark  in  U.S. 


U.K.-based  virtual 
network  operator 
is  winning  over 
multinationals. 

BY  DENISE  PAPPALARDO 

The  telecom  business  is  not  an  easy 
one  today,  although  it  seems  a  little  bit 
more  manageable  for  one  company  that 
while  light  on  physical  assets  has  a  grow¬ 
ing  enterprise  customer  base. 

Vanco  is  a  virtual  network  operator 
(VNO)  from  the  U.K.  While  not  new  to  the 
industry,  the  company  is  only  recently 
becoming  a  player  among  U.S.-based 
multinationals.  VNOs  essentially  own  no 
network  assets  and  instead  rely  on  whole¬ 
sale  agreements  with  service  providers 
worldwide.  Established  in  1988,  Vanco  has 
enjoyed  stable  leadership  and  steady 
growth  since  its  founding. 

“Vanco  seems  to  be  doing  awfully  well,” 
says  David  Passmore,  research  director  at 
consulting  firm  Burton  Group.  “Last  year 
the  company’s  revenue  grew  by  40%.They 
have  quite  a  niche  with  international 
enterprises  that  need  coverage  in  multi¬ 
ple  geographic  locations.” 

While  Vanco  started  out  as  a  U.K.  and 
European  player,  the  company  now  sup¬ 
ports  services  in  230  countries  and  has 
made  a  major  push  in  the  U.S.  over  the 
past  two  years. 

“The  beauty  of  its  business  is  that  it’s 
not  capital  intensive  like  a  traditional 
carrier  since  it’s  just  riding  on  top  of 
other  people’s  networks,”  Passmore  says. 
“They  provide  a  buffer  for  carriers  that 
may  seem  unstable  or  are  having  busi¬ 
ness  problems.  They  have  the  ability  to 
pick  the  providers  with  the  best  perfor¬ 
mance  in  any  given  geographic  region." 

Bermuda-based  Bacardi,  with  sites  in 
the  U.S.,  fits  the  description  of  the  new 
customer  Vanco  is  hoping  to  attract.  The 
spirits  producer  and  distributor  started 
looking  for  a  new  service  provider  in 
2003,  says  Ron  Stan,  director  of  IT,  and 
selected  Vanco  to  deploy  its  global  37- 
site  MPLS  VPN.  Bacardi  is  using  Vanco’s 
MPLS  Matrix  service,  which  offers  a  sin¬ 
gle  management  view  into  a  user’s  entire 
MPLS  network  regardless  of  how  many 
underlying  physical  network  providers 
are  involved.  The  deployment  is  just 


Profile:  Vanco 


Location: 

Middlesex,  U.K. 

Founded: 

1988 

Business: 

A  virtual  network  operator  that 
is  publicly  traded  on  the  London 
Stock  Exchange.  Has  been 
profitable  for  the  past  nine  years. 

GEO: 

Allan  Timpany.for  the  past  17 
years. 

Customers: 

178  multinational  businesses, 
such  as  Accor,  Bacardi,  British 
Airways,  Ford,  Pilkington. 

Competitors: 

BT,  Equant,  AT&T,  MCI. 

under  way  with  five  sites  up  and  the 
remaining  expected  to  be  online  by 
mid-September,  Stan  says. 

“We  went  through  a  fairly  extensive  RFP 
process,”  Stan  says.“Then  we  looked  at  the 
overall  fit  of  the  solution  that  was  being 
provided  from  tool  set,  analyst  rankings,  to 
the  financial  stability  of  the  providers.  And 
most  importantly,  we  did  reference  cus¬ 
tomer  checks  for  all  providers.” 

Vanco  won  Bacardi’s  business  for  sever¬ 
al  reasons,  Stan  says,  including  the  com¬ 
pleteness  of  its  RFP  response,  its  presenta¬ 
tion,  pricing,  overall  fit  of  technology  net¬ 
work  management  tools,  financial  stabili¬ 
ty,  industry  rankings  and  references. 

But  because  Vanco  is  not  widely  known 
in  the  U.S.,the  company  faces  challenges 
in  winning  large  contracts.  And  while 
Vanco  reaps  financial  benefits  from  not 
owning  a  network,  it  also  does  not  have 
ultimate  control  over  that  underlying 
infrastructure. 

Passmore  says  customers  have  to  know 
the  VNO  they’re  working  with  and  be  sure 
they  are  willing  to  take  end-to-end  respon¬ 
sibility  for  any  faults  or  problems  on  their 
network.  Users  are  depending  on  their 
VNO  to  fix  things  rather  than  having  to 
deal  directly  with  the  provider. 

Global  perspective 

The  fact  that  Vanco  works  with  many 
network  service  providers  around  the 
world  was  one  of  the  reasons  Pilkington, 
the  global,  $5.5  billion  glass  company, 
selected  the  VNO  about  two  years  ago. 

“Vanco  works  with  the  best  they  can 
find  in  terms  of  cost  and  quality” says  Bill 
McCreary,  CIO  for  Pilkington’s  North 


American  businesses  and  CTO  for  the 
company’s  global  operations. 

The  VNO  manages  about  350  sites 
around  the  world  for  Pilkington  using 
multiple  technologies,  including  Internet- 
based  VPN,  MPLS  and  frame  relay.  Most  of 
the  sites  are  in  North  America  and 
Europe,  with  a  few  in  South  America, 
McCreary  says. 

Prior  to  moving  to  Vanco,  Pilkington  had 
many  internally  run  WANs  around  the 
world,  he  says.  And  in  North  America  the 
company  outsourced  its  frame  relay  net¬ 
work  entirely  to  AT&T. 

“We  decided  to  go  with  someone  who 
was  independent,”  McCreary  says.  “We 
selected  [Vanco]  based  on  price  and 
experience.” 

But  because  Vanco  was  new  to 
Pilkington,  the  company  proceeded  cau¬ 
tiously,  initially  outsourcing  only  its 
European  network  service  needs  to 
Vanco.  “If  we  weren’t  OK  with  how  that 
went  then  we  wouldn’t  bring  them  any¬ 
where  else,”  McCreary  says.  And  at  that 
time,  Vanco  did  not  have  geographic 
coverage  in  the  U.S.  or  South  America. 

But  the  European  deployment  was  a 
success  and  ultimately  Pilkington 
moved  forward  with  its  worldwide  net¬ 
work  deployment  with  Vanco,  which  rep¬ 
resented  a  large  portion  of  additional 
business. 

“We  debated  the  topic  of  going  with  an 
independent  provider  a  lot,”  McCreary 
says.  Because  at  that  time  all  the  multi¬ 
national  service  providers  would  have  to 
work  through  other  providers  in  certain 
regions.  McCreary  says  it  made  sense  to 
go  with  a  company  that  was  separate 
from  the  network  infrastructure.  And  in 
the  end  the  “underlying  infrastructure  is 
a  commodity”  he  says. 

Both  Bacardi  and  Pilkington  say  they 
have  seen  cost  savings  by  moving  to 
Vanco.  Yet  Vanco  doesn’t  own  network 
assets,  so  how  can  it  offer  better  rates 
than  providers  that  do  own  those  assets? 

Passmore  says  Vanco  is  in  a  “terrific 
bargaining  position  and  can  get  one 
heck  of  a  deal  because  of  its  volume.” 
Because  Vanco  is  buying  in  such  large 
quantities  from  the  largest  providers 
around  the  world  it  is  able  to  be  more 
selective  and  offer  customers  flexibility 
that  network  operators  cannot,  Passmore 
says.  ■ 
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EYE  OH  THE  CARRIER 
Johna  Till  Johnson 


Content,  control  and  the  'Net 


How  much  control  can  —  or 
should  —  communications  trans¬ 
port  providers  exert  over  the  con¬ 
tent  they  carry? 

Some  background:  Back  in  the 
pre-Revolutionary  United  States, 


transport  and  content  providers 
were  one  and  the  same.  The  folks 
who  wrote  newspapers  also  ran 
the  mail  services  —  which  meant 
that  they’d  never  bother  to  deliver 
the  competition’s  newspapers. 


One  of  the  benefits  of  establishing 
and  regulating  the  U.S.  Postal 
Service  was  creating  a  legal  frame¬ 
work  prohibiting  carriers  from 
interfering  in  content. 

Over  time,  the  principle  of  sepa- 


Do  you  worry  about... 


bringing  new  Network  IT  products  to  market? 
reaching  Network/IT  and  Corporate  Managers? 
accelerating  your  sales  cycle? 

getting  your  company's  message  in  front  of  a  powerful  audience  of  Network  IT  buyers? 

Stop  worrying... 

when  you  sponsor  a  Network  World  Technology  Tour  and  Expo.  These  dynamic  live, 
multi-city  events  will  bring  you  face-to-face  with  the  Network  World  community  —  the 
architects,  strategists,  decision-makers  and  buyers  for  today's  enterprise  networks. 

Network  World  is  now  accepting  sponsorship  bookings  for  2005  Technology  Tours  and 
Expos.  Sponsorships  are  limited  to  guarantee  a  dynamic  experience  for  both  sponsors 
and  attendees  so  act  now. 

Contact  Andrea  D'Amato,  National  Sales  Director,  Events  and  Executive  Forums,  at 

800-622-1108,  Ext.  6520  or  adamato@nww.com 
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TECHNOLOGY  TOUR  AND  EXPO 


March  |  Wireless  and  Mobility 
March  j  Network  Management/IT  Automation 
April  j  Remote  Office  Networking 
April  j  WAN  Optimization 
June  j  Voice  over  IP/Convergence 
June  j  Extended:  Wireless  and  Mobility 
July  j  SMB 
Sept  |  Security 

Sept  j  Extended:  Voice  over  IP/Convergence 
Nov/Dec  |  IT  Road  Map:  2006 


ration  of  content  and  transport 
became  established,  not  just  for 
mail  but  also  for  telephony  —  the 
phone  company  can’t  censor  your 
calls,  or  even  wiretap  them,  with¬ 
out  an  explicit  request  from  law 
enforcement.  And  so  on. 

You’d  think  that  the  principle 
would  continue  to  apply  in  the 
Internet  age,  but  ISPs  have 
increasingly  opted  to  tinker  with 
the  content  they  transport.  Here 
are  a  couple  of  examples: 

•  Back  in  March,  VoIP  provider 
Vonage  complained  to  the  FCC 
about  the  fact  that  broadband 
providers,  including  cable  and 
wireless  companies,  were  inten¬ 
tionally  blocking  Vonage’s  VoIP 
calls.  The  FCC  fined  one  of  the 
broadband  providers  and  earlier 
this  month  issued  a  policy  state¬ 
ment  condemning  the  practice. 
Left  undecided  was  the  question 
of  what  happens  when  a  provider 
doesn’t  block  traffic  but  merely 
drops  it  to  a  lower  level  of  QoS. 

•  Many  service  providers, 
including  Sprint,  MCI,  AT&T  and 
AOL,  offer  services  such  as  mal¬ 
ware-blocking  and  distributed 
denial-of-service  (DDoS)  preven¬ 
tion  in  which  the  carrier  will 
proactively  drop  content  that  its 
subscribers  consider  objection¬ 
able,  such  as  spam,  viruses,  spy- 
ware  and,  potentially,  peer-to- 
peer  traffic. 

Should  the  separation  of  content 
and  transport  be  maintained?  As  a 
basic  principle,  I’d  say  yes.  Hats  off 
to  the  FCC  for  coming  down  hard 
on  providers  that  flagrantly  violate 
subscribers’  best  interests. 

But  sometimes  having  service 
providers  tinker  with  content  is  a 
good  thing.  Many  subscribers 
consider  malware-blocking  and 
DDoS  prevention  benefits. 

Things  get  less  black-and-white 
when  you  introduce  issues  such 
as  QoS.  Should  a  carrier  be  forced 
to  transport  a  competitor’s  voice 
services  at  the  highest  available 
priority?  Or  is  it  OK  to  drop  the 
packets  to  “best-effort”  priority 
unless  the  competitor  pays  for 
top-priority  QoS? 

Bottom  line:  The  separation  of 
content  and  transport  is  a  great 
general  principle  —  but  some¬ 
times  it’s  worth  a  closer  look. 


To  attend  a  Network  World  Technology  Tour  and  Expo  free,  register  at  www.networkworld.com/events 


Johnson  is  president  and  chief 
research  officer  at  Nemertes 
Research,  She  can  be  reached  at 
johna@nemertes.  com. 
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FREE  EVENT! 


Enterprise  Convergence: 


Best  Practices  to  Maximize  Value  and  ROI 


NETWORKWORLD 


COMING  TO  A  CITY  NEAR  YOU! 


Whether  you're  just  starting  to  craft  your  plan  or  currently  in  deployment,  get 
the  answers  you  need  to  ensure  a  successful  enterprise  convergence  rollout. 
Join  Network  World  and  Lucent  Technologies  at  this  complimentary 
half-day  event,  Enterprise  Convergence:  Best  Practices  to  Maximize 
Value  and  ROI,  designed  to  help  you: 


DALLAS,  TX  SEPTEMBER  13,  2005 
SEATTLE,  WA  OCTOBER  18,  2005 


WHY  LUCENT? 


■mm 


Over  75%  of  Fortune  100  companies  and  all 
Tier  1  service  providers  use  Lucent's 
convergence  solutions  to  manage  their 
businesses  reliably  and  profitability. 


Lucent  has  a  wide  portfolio  of  products  and 
services  that  help  you  deploy,  manage  and 
secure  your  converged  network  and 
applications. 


As  a  special  thank-you  from  Lucent  ail  attendees 
will  receive  a  USB  Flash  Drive  and  take  home  the 
special  report,  15  Steps  to  Maximize  the  Value 
from  Converged  Services 


►  Identify  and  avoid  the  biggest  implementation  roadblocks 

►  Determine  the  right  tools  and  systems  needed  to  manage  the  'new  world'  of 
converged  applications 

►  Gauge  how  your  network  infrastructure  will  handle  voice  and  other  converged 
applications 

►  Discover  the  right  QoS  practices  and  technologies  to  ensure  smooth  operation 

►  Assess  the  real  impact  of  convergence  on  productivity  and  costs 


Join  Johna  Till  Johnson,  Network  World  columnist,  Nemertes 
Research  founder  and  nationally  recognized  convergence  expert, 
along  with  respected  industry  veterans  as  they  address  the  five 
critical  components  necessary  to  ensure  a  successful  enterprise 
convergence  rollout. 

Q  VoIP:  A  secure,  scalable  and  resilient  IP  Telephony  infrastructure. 

Q  Security:  End-to-end,  automated  protection  against  breaches. 

Q  Wireless:  Policy-managed,  secure  applications  for  mobile  users. 

Q  Software:  Optimized  network  management  tools. 

Q  Services:  A  solid  lifecycle  support  plan  that  delivers  maximum  ROI. 


Johna  Till  Johnson 


This  event  is  created  for  network  and  IT  professionals  involved  in  the 
planning  and  purchase  of  network  convergence  products  and  services. 
Network  World  Events  reviews  all  registrations  and  determines  total 
audience  profile  of  complimentary  attendees.  Incentive  to  attend  does 
not  apply  to  government  employees. 


Don't  miss  this  great  opportunity  to  gain  new  ideas  and  insight  on 
how  to  maximize  your  enterprise  convergence  strategy! 


Enjoy  the  Benefits.  Avoid  the  Challenges.  Register  Today! 

www.networkworld.com/LF5A1  or  call  800-643-4668 
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10/100  VPN  Routers 
RV042,  RV082,  RV016 


WRV54G 


When  you  need  to  create  a  VPN-secured  connection  between  a  remote  worker  and  the  corpo¬ 
rate  network,  nobody  makes  it  easier  or  more  reliable  than  Linksys!  Our  powerful  VPN  Routers 
and  Access  Points  deliver  best-in-class  performance  and  security  features  for  simultaneous 
connections  of  up  to  50  remote  users.  And  with  Linksys  QuickVPN,  a  cost-effective  software 
configuration  tool,  the  setup  takes  only  a  few  minutes,  so  off-site  workers  spend  more  time 
getting  work  done  and  less  time  hassling  with  connection  settings. 


Partner 

Connection 


•  Stateful  Packet  Inspection  Firewall  for 
maximum  security 

•  Full  IPSec  Virtual  Private  Network  (VPN)  capability 
using  DES  and  3DES  encryption  algorithms 

•  Management  via  Web,  Telnet,  SNMP  and  Setup  Wizards 


V  Tech  Data  D&H 


•  Complies  with  IEEE  802.1 1g  and  802.11b  standards 

•  Advanced  security  features:  128>bit  WEP,  DoS 
prevention,  MAC  filtering,  SPI  firewall  and  802.1  x 
authentication 

•  "Hotspot  Ready"  with  subscriber  registration, 
authorization  and  authentication  functions 

•  QuickVPN  software  included  for  5  users 


Cisco  Systems 


MICRO 


8.29.05  •  www.networkworld.com  •  27 


NET.W0BKER 

■  PRODUCTS,  SERVICES  AND  STRATEGIES  FOR  TYING  TELEWORKERS  TO  THE  ENTERPRISE 


ELI  simplifies  small  office  security 


BY  JOHN  COX 

An  enterprising  start-up  has  hatched  a 
plan  to  make  wireless  LAN  security  both 
simple  and  strong  for  small-business  users, 
teleworkers  and  consumers. 

The  plan, from  Electronic  Lifestyle  Integra¬ 
tor  (ELI),  marries  an  appliance  that  has  an 
integrated  set  of  network  functions  with  a 
hosted  security  update  service. 

Users  select  one  of  several  classes  of  secu¬ 
rity  then  the  appliance  downloads  the  set¬ 
tings  and  configures  itself  to  support  that 
choice.  ELI’s  servers  automatically  update 
the  appliance’s  built-in  anti-virus,  content¬ 
filtering  and  anti-spam  applications  several 
times  a  day. 

The  Mount  Laurel,  N.J.,  vendor  was  co¬ 
founded  by  CEO  Susan  Lutz  and  CTO 
Robert  Smith,  who  have  sustained  the 
fledgling  company  without  any  venture 
backing.  Lutz  co-founded  SecurelT, 
which  focused  on  IT  security  solutions 
and  was  acquired  by  VeriSign,  for  which 
Lutz  worked  for  five  years.  She  also 
serves  as  CEO  for  Etsec,  a  company  that 
focuses  on  enterprise  security  services 
and  strategy.  Smith  remains  CEO  and 
CTO  of  Secure  Networking  Company,  a 
managed  security  services  firm  in 
Europe.  He  also  worked  for  VeriSign  as  a 
product  manager. 

The  initial  model  of  the  device,  called  Eli, 
has  a  DSL  modem.  The  company  says  it 
will  soon  ship  a  cable  modem  version, and 
is  designing  a  model  that  will  have  a  PCM¬ 
CIA  slot  that  can  accept  a  cellular  adapter 
card  to  connect  with  wireless  data  ser¬ 
vices.  Each  also  has  a  four-port  Ethernet 
switch,  an  802. 1  lb/g  WLAN  access  point 
and  USB  port. 

VoIP  support  is  also  built  in.  Users  can 
plug  in  a  VoIP  phone  and  use  the  VoIP 
provider  of  their  choice. 

The  embedded  stateful  packet  inspection 
firewall  was  developed  by  ELI. 

Three  other  third-party  security  applica¬ 
tions  are  included:  Blue  Coat  System’s  Web 
filtering  software  to  control  access  to  Web 
sites;  Mail-Filter’s  anti-spam  software;  and  a 
German  anti-virus  application,  AntiVir,  from 
H+BEDV  Datentechnik. 

“Every  line  of  code  [in  the  appliance]  is 
remotely  managed  and  updated  by  us,” 
Lutz  says.  The  application  vendors  were 
chosen  in  part  because  they  frequently 
update  their  software.  ELI’s  hosted  service 
pushes  these  updates  down  to  the  appli¬ 


ances  as  they  come  in,  as  many  as  30 
times  per  day 

Users  plug  the  appliance  into  an  outlet, 
attach  a  DSL  modem  cable,  log  on  to  ELI’s 
Web  site,  mytrusteli.com,  enter  user  name 
and  password  then  select  one  of  five  levels 
of  security  This  configuration  downloads  to 
the  appliance,  where  it  automatically 
installs.  For  small-business  users  or  enter¬ 
prise  teleworkers,  ELI  will  create  custom 
security  pQiicies  to  meet  specific  business 
requirements. 

The  hosted  update  services  starts  at  about 
$10  per  month  for  five  users.  The  appliance 
is  priced  starting  at  $199. 

Lutz  says  many  people  now  are  willing  to 
pay  a  monthly  fee  for  Internet  security  She 
says  that  Verizon  just  announced  a  $7.95- 
per-month  security  service  for  up  to  three 
users.  ELI  also  plans  to  market  the  appli¬ 
ance  and  service  to  ISPs.  ■ 


Profile:  ELI 


Location: 

Mount  Laurel,  N.J. 

Founded: 

September  2004 

Primary 

product: 

Eli,  a  plug-in  network  appliance  that  combines  WAN  connectivity,  a  four-port  Ethernet  switch, 
an  802.11b/g  WLAN  access  point  and  a  USB  port.  But  what's  really  different  is  the  security: 
every  Eli  has  a  built-in  firewall  and  integrated  third-party  anti-virus,  content  filtering  and 
anti-spam  software  updated  automatically  several  times  a  day  by  ELI's  servers. 

Founders: 

Susan  Lutz,  CEO,  co-founder  of  SecurelT,  which  was  acquired  by  VeriSign;  Robert  Smith, 
CTO  as  well  as  CEO  and  CTO  of  Secure  Networking  Company,  a  European  provider  of 
managed  security  services. 

Financing: 

Self-funded. 

Competitors: 

Network  hardware  vendors  such  as  D-Unk,  Linksys,  and  Netgear;  anti-virus  and  anti-spam 
vendors  such  as  McAfee,  Symantec,  Cloudmark  and  Qurb. 

Fun  fact: 

In  May,  the  founders  recruited  a  high-profile  security  guru  as  ELI's  board  chairman;  Howard 
Schmidt,  who  has  served  as  eBay  security  strategist  and  chair  of  President  George  Bush’s 
Critical  Infrastructure  Protection  Board,  and  is  current  chief  security  strategist  for  the 
U.S.  CERT  Partners  Program. 

McAfee  readies  home  Wi-Fi  security 


BY  STEPHEN  LAWSON,  IDG  NEWS  SERVICE 

All  home  Wi-Fi  gear  comes  with  the  bricks 
and  mortar  to  put  up  at  least  a  basic  secu¬ 
rity  wall  against  intruders  and  eavesdrop¬ 
pers,  but  McAfee  wants  to  sell  teleworkers  a 
better  trowel  for  building  it. 

The  company’s  McAfee  Wireless  Home 
Network  Security  software  automatically 
sets  up  encryption  keys  on  Wi-Fi  routers 
and  the  PCs  connected  to  them,  and  then 
rotates  the  keys  every  three  hours,  says 
Stu  Elefant,  senior  product  manager  for 
wireless  and  new  initiatives  at  McAfee. 
The  software  will  work  with  older  Wi-Fi 
systems  that  use  the  Wired  Equivalent 
Privacy  (WEP)  encryption  system,  as  well 
as  current  equipment  that  supports  the 
newer  Wi-Fi  Protected  Access  (WPA)  and 
WPA  2  technologies.  It  is  scheduled  to  go 
on  sale  online  next  week  and  in  stores 
next  month. 

McAfee’s  software  is  designed  to  keep 
intruders,  either  malicious  “war  drivers”  or 
neighbors  who  just  want  to  freeload  on  a 
broadband  Internet  connection,  from 
accessing  wireless  LANs  and  deciphering 
the  packets  that  travel  over  the  network. 
As  users  rapidly  embrace  Wi-Fi  for  their 
home  networks,  many  are  not  using  any 
security  usually  because  they  can’t  figure 


out  how  to  set  it  up,  industry  analysts  say. 

McAfee  isn’t  alone  in  trying  to  tackle  the 
problem.  Broadcom,  which  makes  the 
chips  used  in  many  popular  WLAN  prod¬ 
ucts,  has  developed  a  simplified  security 
setup  technology  that  was  introduced  in 
some  Cisco  products  last  month  and 
might  be  coming  to  other  vendors’  offer¬ 
ings  soon,  observers  say.  And  the  Wi-Fi 
Alliance,  the  industry  group  that  certifies 
Wi-Fi  gear,  in  the  first  half  of  next  year 
plans  to  create  a  standard  for  easy  securi¬ 
ty  setup  that  vendors  can  build  in  and 
have  certified  as  a  check-off  item  on  their 
products. 

After  loading  McAfee’s  software  on  a  PC,  a 
user  can  set  up  security  in  a  few  steps,  Ele¬ 
fant  says.  McAfee  uses  the  standard  Wi-Fi 
security  mechanisms,  but  also  produces  a 
stronger  key  than  most  consumers  can  and 
adds  automatic  key  rotation.  The  full  fea¬ 
tures  of  the  software  work  on  PCs  running 
Windows  98  Second  Edition,  ME,  2000  or  XP 

The  software  saves  customers  from  hav¬ 
ing  to  log  on  to  the  Web  browser  page  of 
the  Wi-Fi  router  and  going  through  a  series 
of  settings,  Elefant  says.  Once  loaded  on  the 
first  PC,  the  software  can  detect  an  unse¬ 
cure  WLAN  node  nearby  and  asks  if  the 
user  wants  it  protected.  If  the  user  confirms 


it,  the  software  puts  a  key  on  the  PC, sets  up 
a  secure  connection  to  the  router  and  sets 
up  the  same  key  on  the  router. 

McAfee’s  tool  works  with  most  of  the  pop¬ 
ular  Wi-Fi  routers,  including  models  from  D- 
Link  and  Belkin,  Elefant  says. 

By  default,  McAfee’s  software  uses  WEP  If 
users  want  to  use  WPA  or  WPA  2,  they  have 
to  manually  change  the  setting.  But  even 
with  WERMcAfee  offers  better  than  average 
security  by  rotating  the  encryption  keys 
and  creating  a  strong  key  he  says. 

McAfee  Wireless  Home  Network  Security 
will  cost  about  $50  for  a  12-month  license 
for  use  with  five  PCs.There  will  be  an  annu¬ 
al  fee  of  about  $10  for  software  updates  to 
support  the  latest  WLAN  gear. 

The  software  also  will  be  available  in  a 
bundle  with  a  three-user  software  firewall 
and  a  three-user  anti-virus  software  license 
for  about  $100,  with  a  planned  annual 
renewal  price  of  about  $80.  In  addition,  it 
will  be  part  of  the  McAfee  Internet  Security 
Suite  -  Wireless  Network  Edition  with  a 
three-user  license  for  McAfee  Internet 
Security  Suite  for  about  $150,  with  a 
planned  renewal  price  of  about  $110.  The 
Internet  Security  Suite  includes  privacy 
and  anti-spam  tools,  among  other  things, 
Elefant  says.  ■ 
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TECHNOlOflY  UPDATE 

■  AN  INSIDE  LOOK  AT  TECHNOLOGIES  AND  STANDARDS 


Federation  gateway  bridges  standards 


HOW  IT  WORKS:  Federation  gateway 

A  federation  gateway  provides  protocol  translation  between  companies  that 
use  different  identity  management  standards  so  they  can  seamlessly  connect 
to  each  other’s  business  applications. 

Company  B  Company  A 


□  0  SAML1.1.  □ 


Q  Authorized  user  from  Company  B  requests  access  to  a  secure  application  at  Company  As  Web  site. 

0  Federated  identity  management  system  at  Company  B  redirects  the  user  with  a  Liberty  1.1  assertion  to 
the  federation  gateway  at  Company  A. 

0  Federation  gateway  verifies  the  assertion  is  coming  from  a  trusted  partner,  creates  an  SAML  1.1  assertion, 
and  redirects  the  user  to  Company  A. 

0  Federated  identity  management  system  at  Company  A  verifies  the  SAML  1.1  assertion  from  the  federation 
gateway,  and  then  allows  the  user  from  Company  B  to  access  the  requested  application  without  prompting 
him  for  a  user  name  and  password. 


BY  ATUL  TULSHIBAGWALE 

Federated  identity  management  lets  indi¬ 
viduals  use  the  same  user  name,  password 
or  other  authentication  mechanism  to  per¬ 
form  a  single  sign-on,  and  access  applica¬ 
tions  and  data  hosted  by  more  than  one 
organization.  An  employee  portal  that  links 
a  401  (k)  custodian,  mutual  fund  firm,  pay¬ 
roll  processing  company  and  HMO  is  a 
good  example  of  a  federated  identity  man¬ 
agement  deployment. 

Partners  in  a  federated  identity  manage¬ 
ment  system  depend  on  one  another  to 
authenticate  their  respective  users  and 
vouch  for  their  identity  and  access  privi¬ 
leges.  Currently,  companies  must  choose 
between  one  of  three  evolving  protocols  — 
Security  Assertion  Markup  Language 
(SAML),  Liberty  Alliance  and  WS- 
Federation  —  to  federate  user  identities 
across  corporate  boundaries.  These  proto¬ 
cols  standardize  communications  between 
applications  so  partners  are  not  forced  to 
adopt  the  same  technologies  for  directory 
services,  security  and  authentication. 
However,  interoperability  remains  a  road¬ 
block,  because  not  only  the  three  protocols 
but  also  different  versions  of  the  same  pro¬ 
tocol  are  incompatible. 

A  new  technology  called  a  federation 
gateway  has  emerged  to  provide  protocol 
translation  services  between  corporations 
that  use  different  federated  identity  man¬ 
agement  protocols. 

How  it  works 

Central  to  a  federated  identity  system  is 
the  trust  relationship  between  a  Web 
site/organization  that  authenticates  users 


(known  as  an  identity  provider)  and  the  site 
that  relies  on  this  authentication  to  provide 
secure  access  to  a  Web  application  or  ser¬ 
vice  (known  as  a  service  provider).  A  feder¬ 
ation  gateway  eliminates  the  need  for  an 
identity  provider  site  and  a  service  provider 
site  to  use  the  same  federated  identity  man¬ 
agement  protocol  and  version. 

Let’s  consider  how  a  federation  gateway 
operates  at  a  service  provider  site,  which 
must  process  requests  from  multiple  identi¬ 
ty  providers  to  access  its  applications.  In 


our  example,  Company  A  is  acting  as  a  ser¬ 
vice  provider  using  the  SAML  1 . 1  protocol 
to  offer  its  partners  federated  access  to  its 
Web  applications.  Meanwhile,  three  partner 
companies  (Companies  B,  C  and  D)  that 
require  access  to  Company  As  applications 
will  act  as  identity  providers.  However,  the 
identity  providers  have  standardized  on 
separate  protocols  —  SAML  2.0,  Liberty  1.1 
and  Liberty  Irrespectively 
The  federation  gateway  enables  Company 
As  federated  identity  management  system 


to  interoperate  with  Company  B’s,  C’s  and 
D’s  federated  identity  management  systems 
because  it  translates  incoming  SAML  2.0, 
Liberty  1.1  and  Liberty  1.2  assertions  into 
SAML  1.1  before  sending  them  on  to 
Company  As  applications.  Conversely  it  pre¬ 
sents  itself  to  each  identity  provider  using 
the  native  federated  identity  management 
protocol  deployed  by  the  site.  In  our  exam¬ 
ple,  the  federation  gateway  speaks  SAML  2.0 
to  Company  B,  Liberty  1.1  to  Company  C, 
and  Liberty  1.2  to  Company  D. 

A  federation  gateway  works  in  the  follow¬ 
ing  way.  First,  an  authorized  user  from 
Company  C  requests  access  to  a  secure 
application  at  Company  As  Web  site.  The 
federated  identity  management  system  at 
Company  C  redirects  the  user,  who  has  a 
Liberty  1.1  assertion,  to  the  federation  gate¬ 
way  at  Company  A.  The  federation  gateway 
verifies  the  assertion  is  coming  from  a  trust¬ 
ed  partner,  creates  a  SAML  1.1  assertion, 
and  redirects  the  user  to  Company  A.  Upon 
receiving  and  verifying  the  SAML  1 . 1  asser¬ 
tion  from  the  federation  gateway  Company 
A  lets  the  user  from  Company  C  access  the 
requested  application  without  prompting 
him  for  a  user  name  and  password. 

In  an  environment  where  federated  iden¬ 
tity  management  standards  are  still  evolv¬ 
ing,  a  federation  gateway  enables  compa¬ 
nies  to  deploy  federated  identity  manage¬ 
ment  with  the  confidence  of  knowing  they 
can  seamlessly  connect  with  their  business 
partners  irrespective  of  protocol. 

Tulshibagwale  is  CEO  and  co-founder  of 
Trustgenix.  He  can  be  reached  at  at@trust 
genix.com. 


Ask  Dr.  Internet  By  Steve  Blass 


I  have  a  large  collection  of  files  to  make  publicly 
available  from  a  Windows  2003  Web  server  run¬ 
ning  Internet  Information  Server  6. 1  would  like 
to  just  put  the  files  in  a  directory  and  have  the 
Web  server  show  visitors  the  directory  listing, 
but  the  server  insists  on  asking  for  a  user  name 
and  password.  How  do  I  adjust  the  IIS  settings 
to  allow  people  to  see  the  directory  listing  with¬ 
out  requiring  a  logon? 

In  Windows  2003  you  can  manage  the  IIS  settings 


through  the  Internet  Information  Services  Manager. 
Open  the  Administrative  Tools  menu  and  select  the 
Internet  Information  Services  Manager  choice.  When 
the  IIS  Manager  window  opens,  double-click  on  the  local 
computer  Web  server  icon  in  either  the  right  or  left 
pane  of  the  dialog  and  then  double-click  on  the  Web 
Sites  icon  to  open  up  your  list  of  Web  sites.  Drill  down 
by  double-clicking  on  the  appropriate  site,  which  is  prob¬ 
ably  the  Default  Web  Site  entry.  Once  you  can  see  the 
directory  you  want  to  make  publicly  available,  highlight 
that  directory  and  right-click  to  bring  up  the  context 


menu.  Choose  Properties.  In  the  Properties  dialog,  first 
check  the  Directory  Browsing  box  and  then  click  on  the 
Directory  Security  tab.  Click  the  Edit  button  in  the 
Authentication  and  Access  Control  section  of  the 
Directory  Security  dialog,  check  the  Enable  Anonymous 
Access  box,  and  click  OK.  Your  visitors  should  then  be 
able  to  see  the  directory  listing. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.internet@change 
atwork.com. 
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PingPlotter  gets  even  better 


GEARHEAD 

INSIDE  THE 
NETWORK 
MACHINE 

Mark  Gibbs 


1  e  love  it  when  a  product 
keeps  getting  better.  We  don’t 
mean  products  that  just  lose 
a  few  bugs.  We  mean  products  that 
get  new  and  exciting  features  that 
really  improve  the  functionality  even 
as  the  bugs  are  eradicated.  Such  is 
the  case  with  a  product  that  has 
been  a  longtime  favorite  of  ours: 
PingPlotter  from  Nessoft. 

PingPlotter,  which  runs  under 
Windows,  has  been  invaluable 
around  here.  We  have  found  so  many 
opportunities  to  use  it  since  we  first  reviewed  it  back  in  1  BC 
(that’s  “Beyond  Crash,”  or  what  the  rest  of  the  world  calls 
2001)  that  it  would  be  hard  to  imagine  not  having  it  around. 

Should  you  not  have  total  recall  of  that  column  or  are  dis¬ 
inclined  to  explore  the  dust-laden  Gearhead  catacombs,  let 
us  briefly  recap  how  this  tool  works:  PingPlotter  is  essential¬ 
ly  good  ol’  *nix  traceroute  with  a  pretty  face  and  muscles. 

The  original  traceroute  program  was  the  usual  “as  friend¬ 
ly  as  a  cornered  rat”  text  program,  whereas  PingPlotter  is 
graphical  and  user  friendly  With  this  release,  Version  2.7, 
PingPlotter  has  become  traceroute  with  a  pretty  face  and 
muscles  on  amphetamines  and  drinking  Red  Bull. 

PingPlotter  is  primarily  used  to  continuously  track  the 
routes  to  servers,  but  the  latest  version  (only  $20  —  the  first 
version  is  available  as  freeware)  takes  the  product  to  new 
levels  of  functionality 


The  original  traceroute  program  determines  the  sequence 
of  routers  that  lie  between  the  machine  running  traceroute 
and  some  target  machine,  and  reports  on  the  ping  time  (the 
latency  or  round-trip  duration)  to  each  router. 

The  way  traceroute  works  is  cunning:  It  first  finds  the  tar¬ 
get  machine’s  IP  address  and  then  sends  the  target  an 
Internet  Control  Message  Protocol  (ICMP)  request  with  a 
Time  to  Live  (TTL)  parameter  set  to  1. 

PingPlotter  has  an  embedded 
Web  server  so  you  can 
browse  its  tracking  results 
from  anywhere. 

The  first  router  receives  the  packet  and  decrements  the 
TTL  value  by  one,  finds  it  is  0,  and  responds  with  a  TTL- 
exceeded  response  that  includes  the  router’s  IP  address, 
which  we  can  resolve  into  a  name  with  a  reverse  DNS 
lookup.  And  since  we  know  when  we  sent  the  packet  and 
when  the  response  from  the  router  was  received  we  could 
determine  the  latency 

Now  that  we  know  the  first  step  in  the  chain  of  routers,  we 
can  send  an  ICMP  message  with  TTL  set  to  2  and  determine 
the  IP  address,  name  and  latency  of  the  next  router  and  so 
on  for  each  router  hop  in  turn. 

The  new  version  of  PingPlotter  has  a  vastly  improved 
interface.  For  example,  it’s  tabbed,  so  you  can  run  multiple 


traces,  each  under  its  own  tab. There’s  also  a  summary  tab 
that  shows  you  the  performance  of  all  targets. 

Among  its  many  other  new  features,  PingPlotter  has  an 
embedded  Web  server  so  you  can  browse  its  tracking 
results  from  anywhere  and  can  customize  the  Web  output 
as  you  please.You  also  can  export  the  tracking  data  to  other 
programs  or  use  PingPlotter  to  review  saved  tracking  data 
files.  There’s  even  experimental  support  for  remote  trace 
collectors  written  in  Perl. 

We  are  currently  using  PingPlotter  to  try  to  figure  out  why 
our  Vonage  VoIP  telephone  services  are  misbehaving.  We 
suspect  the  problem  started  when  we  switched  our  DSL  ser¬ 
vice  from  a  static  IP  address  to  a  dynamic  IP  address.  Over 
the  last  few  weeks  our  VoIP  services  have  become  unreli¬ 
able,  often  redirecting  calls  to  our  cell  phones  which  are  the 
alternate  numbers  we  specified  should  our  DSL  line  fail. 

Monitoring  our  connection  using  PingPlotter  shows  that 
our  DSL  connection  apparently  stops  working  randomly 
even  though,  as  reported  by  our  router,  the  link  is  still  work¬ 
ing.  We  now  suspect  the  default  gateway  (the  first  router  in 
SBC’s  network)  assigned  to  our  router  (on  our  side  of  the 
DSL  modem)  by  Fbint-to-Fbint  Protocol  over  Ethernet  is 
being  randomly  changed.This  would  seem  to  be  a  serious 
problem. We  have  to  talk  to  SBC. . .  .Will  the  fun  never  end? 

PingPlotter  is  highly  recommended. 

Route  your  thoughts  to  gearhead@gibbs.com.  And  check 
Gearblog  (www.  networkworld.  com/ weblogs /gearblog) 
for  links  and  notes  for  this  column. 


CooUools 


Quick  takes  on  high-tech  toys.  Keith  Shaw 

The  scoop:  Das  Keyboard,  about  $80  from  www.daskeyboard.coni. 
4  What  it  is:  At  first  glance  you  notice  the  size  of  this  keyboard  and  it 
brings  you  back  to  the  early  days  of  computing  when  the  keyboards 
were  mega-sized.  At  second  glance  you’ll  notice  that  there  are  no  markings  on  the 
USB  keyboard  —  it’s  totally  black.  No  labeling  at  all,  except  in  the  upper  right  corner 
that  indicates  whether  the  Num  Lock,  Caps  Lock  or  Scroll  Lock  function  is  lit.  At  third 
glance  you  might  think  this  is  somebody’s  idea  of  a  practical  joke  —  that  you  could¬ 
n’t  get  any  use  out  of  a  keyboard  that  doesn’t  label  its  keys. You’d  be  wrong. 

The  company  says  that  the  Das  Keyboard  has  different  levels  of  force  in  order  for 
the  keys  to  register  a  stroke.  Most  keyboards  use  55  grams  of  force  on  each  key  while 
the  Das  Keyboard  varies  the  force  from  35  to  80  grams  to  create  more  comfort  for 
your  typing  hands.  The  standard  104-key  keyboard  also  works  with  Macintosh  and 
Linux  systems. 

Why  it’s  cool:  I’ll  admit,  this  is  for  touch  typists 
only.  My  typing  has  im¬ 
proved  through  years  as  a 
journalist,  so  a  keyboard 
that  lacks  markings  didn’t 
intimidate  me.  Everyone  I’ve 
showed  the  Das  Keyboard  to  says, 

“OK,  but  what  about  the  hard-to-reach 
keys,  like  the  number  keys  or  the  symbols 
above  the  numbers?”  Surprisingly  when  I’ve 
had  to  type  $  or  #  or  @  for  an  email 

address,  my  hands  seem  to  know  where  to  go.  Even  for  Windows  commands  such 
as  CTRL-S  for  Save  and  CTRL-0  for  Open,  I  don’t  have  to  look  at  the  keyboard. 

Finally,  this  is  cool  because  it’s  all  black,  it  gives  you  some  “geek  street  cred,” 


The 

look,  design 
and  feel  of  the  Das 
Keyboard  earn  the  highest 
grade,  and  its  user  a  little  ‘geek 
street  cred.' 


Let  your  music  take 
you  places  -  up  to 
about  30  feet  -  with 
Logitech's  wireless 
headphones. 


although  I  haven’t  fig¬ 
ured  out  whether  that’s 
worth  anything. 

I  didn’t  notice  whether 
different  keys  felt  any  differ¬ 
ent,  as  the  company  suggests, 
but  the  tactile  feel  and  feedback 
from  the  keyboard  felt  better  than 
my  standard  keyboard.  1  did  make  typing  mistakes,  but  those  were  just  my  normal 
mistakes  resulting  from  typing  too  fast. 

Grade:  ★★★★★  (out  of  five) 

The  scoop:  Wireless  headphones  for  MP3,  about  $130,  by  Logitech. 

What  it  is:  These  cordless  behind-the-head  headphones  use  a  Bluetooth  adapter 
connected  to  the  headphone  jack  of  any  digital  audio  player  (you  also  can  connect 
it  to  the  headphone  jack  of  a  notebook). When  paired  via  Bluetooth, you  can  walk 
away  from  your  music  player  and  still  hear  the  music  for  about  30  feet.The  adapter 
is  designed  for  the  headphone  jack  of  an  iFbd  device  but  comes  with  a  small  exten¬ 
sion  cord  if  your  music  player’s  headphone  jack  is  in  a  hard-to-reach  location. 

Why  it’s  cool:  No  longer  tethered  to  your  iPod,  these  headphones  are  great  for 
walking  around  the  office  without  having  to  carry  the  device.  More  importantly  you 
can  run  on  a  treadmill  without  being  connected  to  the  player  and  worrying  that 
your  movements  will  damage  the  cord  or  the  player. 

Some  caveats:  Being  Bluetooth,  I  still  had  to  learn  the  correct  pattern  of  buttons  to 
push  in  order  to  get  the  headphones  to  associate  with  the  adapter.  The  head¬ 
phones  are  slightly  heavy  on  the  ear.You  also  can’t  adjust  the  headband  (the  plas¬ 
tic  parts  connecting  the  two  earphones), so  it  might  not  fit  comfortably  (there  was 
some  space  between  the  back  of  my  head  and  the  headband). 

Grade:  ★★★★ 

Shaw  can  be  reached  at  kshaw@nww.com. 


8.29.05  •  www.networkworld.com  •  31 


0%  si  m 

unions 

The  feature  “IT  staff  shortage  looming” 
(www.networkworld.com,  DocFinder:  8624)  struck  a  major 
chord  with  many  readers.  Here’s  what  some  had  to  say: 

China  syndrome 

I’m  sick  of  hearing  this  worker  shortage  crap.  It’s  business  and  indus¬ 
try’s  own  fault.  Working  in  IT  sucks  —  by  which  I  mean  there’s  no 
respect  from  the  business  side  for  the  IT  side.  IT  workers  have  been 
devalued.  IT  used  to  be  a  career,  but  now  it’s  just  a  job,  like  working 
at  Burger  King  or  McDonald’s.  Companies  have  stopped  investing  in 
training;  they  want  someone  else  to  do  it.  Don’t  worry  someone  will, 
and  its  name  is  China. 

Geoffrey  Rarick 
Database/network  administrator 
Thoracic  &  Cardiovascular  Institute 

Lansing,  Mich. 


IT  paradox 

It’s  not  surprising  that  IT  enrollments  have  dropped.  No  one 
wants  to  spend  years  in  an  expensive,  difficult  major  at  a 
university  only  to  find  that  career  opportunities  rise  and  fall 
like  a  roller  coaster.  My  degrees  are  in  electrical  engineer¬ 
ing,  and  for  as  long  as  1  can  remember  there  have  been 
people  predicting  an  engineering  shortage.  But  I  suspect 
what  they  were  predicting  was  a  shortage  of  cheap  engi¬ 
neers,  not  engineers  per  se.  According  to  the  IEEE,  unem¬ 
ployment  among  electrical  engineers  in  this  country  dur¬ 
ing  the  past  recession  reached  historically  unprecedented 
levels. 

Today’s  college  students  aren’t  stupid.They  can  see  which 
professions  are  valued  by  society  and  provide  long,  stable 
careers  with  opportunities  for  growth.  They  also  can  see 
which  ones  will  throw  them  into  a  labor  pool  that  grows 
and  shrinks  with  every  perturbation  of  the  economy  It 
seems  paradoxical  that  with  IT  becoming  more  and  more 
a  part  of  everything  we  do, unemployment  and  outsourcing 
has  driven  people  away  from  the  field. 

Robert  Spooner 

Registered  professional  engineer/associate  research 

engineer 

Applied  Research  Laboratory 
Pennsylvania  State  University 
State  College,  Pa. 

Loyalty  lacking 

It  is  ironic  that  some  of  the  same  companies  now  crying 
about  the  declines  in  computer  science  enrollments  and 
the  people  leaving  the  field  are  the  same  companies  that 
shipped  U.S.  jobs  to  other  countries.  If  these  companies  are 
so  concerned  about  people  leaving  the  field  and  discour¬ 
aging  people  from  pursuing  IT,  they  need  to  start  fostering 
some  loyalty  among  their  current  employees  and  make  IT 
a  rewarding  career  choice. 

For  the  past  four  years  every  payday  has  been  a  time  of 
high  anxiety  —  my  employer  has  been  laying  people  off 


fairly  regularly  and  announced  approximately  a  year  ago 
that  up  to  20,000  more  people  would  be  laid  off.  This  has 
absolutely  trashed  morale,  and  how  many  current  employ¬ 
ees  are  going  to  be  touting  IT  as  the  career  of  choice? 
Would  you  want  your  children  to  work  in  this  sort  of  envi¬ 
ronment?  Some  of  my  co-workers  trained  their  replace¬ 
ments  immediately  before  being  laid  off.  My  recommenda¬ 
tion  for  college-bound  youth  is  to  look  to  healthcare  as  a 
solid  place  to  be  an  IT  staff  person.  People  will  always  need 
medical  care  and  it  is  hard  to  send  all  the  related  jobs  over¬ 
seas  because  of  the  hands-on  nature  of  that  business. 

The  HR  and  IT  managers  need  to  look  long  and  hard  at 
the  way  they  treat  their  current  IT  staff.  We  are  the  barome¬ 
ter  that  is  looked  at  by  college-bound  youth  when  they 
select  a  career.  Asking  someone  to  do  the  work  of  two  or 
more  people  for  the  same  salary  with  lots  of  extra  hours 
and  then  hanging  layoffs  over  their  heads  does  not  make 
for  a  worker-friendly  venue. 

Mark  Janowski 

Countryside,  Ill. 

Be  a  mentor 

The  looming  labor  shortage  is  an  issue  the  industry  must 
prepare  for  now. While  true  job  needs  are  always  difficult  to 
predict,  when  you  combine  retirees  with  the  shrinking 
pipeline  of  computer  science  and  engineering  majors  at 
the  post-secondary  level,  even  if  job  growth  in  hardware 
and  software  engineering  and  related  fields  over  the  next 
few  years  is  nonexistent,  there  may  be  a  shortage  of  quali¬ 
fied  workers  in  the  U.S. 

In  addition  to  my  role  at  Cisco,  I  chair  the  North  Carolina 
Technology  Association  and  just  completed  a  two-year 
term  as  chair  of  the  Governor’s  Business  Council  on 


Education  in  North  Carolina.  The  Business  Roundtable,  a 
business  leadership  group  in  the  U.S.,  just  published  an 
action  plan  laying  out  a  strategy  to  double  the  number  of 
science,  technology  engineering  and  math  majors  by  2010 
(see  DocFinder:  8625).  The  industry  needs  to  support  this 
effort  with  resources  and  time. 

How  can  individual  readers  engage  to  assist  this  effort? 
Mentoring  is  one  way  A  great  mentor  could  make  the  dif¬ 
ference  in  unlocking  a  middle  or  high  schooler’s  interest  in 
a  technology  career. 

Joseph  Freddoso 
Director,  RTP  Site  Operations 
Cisco 

Research  Triangle  Park,  N.C. 

Military  background 

The  story  left  out  one  source  where  IT  professionals  came 
from  in  the  1960s,  70s  and  ’80s:  the  military  services.  Until 
the  consolidation  of  operations  in  the  Defense  Information 
System  Agency  in  the  ’90s,  all  services  had  large  opera¬ 
tional  activities  supported  by  both  officers  and  enlisted 
personnel  in  the  communications  and  computer  career 
fields.  Having  spent  more  than  32  years  with  the  Air  Force 
as  an  enlisted  troop  and  then  a  Department  of  Defense 
civilian  at  one  of  the  development  and  operational  organi¬ 
zations,  I  saw  the  development  of  many  skilled  IT  profes¬ 
sionals.  We  had  approximately  250  officers  and  1 ,200  to 
1,500  enlisted  personnel,  of  which  about  50%  were  IT 
skilled.  Almost  all  got  their  college  degree  or  advanced 
degrees  as  an  adjunct  to  their  service  time.  Many  moved  to 
the  civilian  marketplace  at  the  end  of  their  tour. 

It  would  be  interesting  to  know  how  many  IT  workers  that 
plan  to  retire  in  the  next  few  years  have  had  some  military 
IT  schooling  and/or  experience.  With  the  Department  of 
Defense  downsizing  its  IT  personnel  career  programs,  that 
source  is  drying  up,  too.  1  know  many  Department  of 
Defense  agencies  are  facing  the  same  problem  as  the 
commercial  marketplace  —  where  to  find  qualified  IT  staff. 

Duck  Mara 
Director 
CACI 

Montgomery  Ala. 

How  to  hire 

Regardless  of  the  decrease  in  the  number  of  IT,  IS,  MIS  and 
computer  science  graduates,  the  biggest  problem  is  that  vir¬ 
tually  nobody  knows  how  to  hire  people  anymore.  Nobody 
seems  to  remember  that  in  the  hiring  process,  the  first  qual¬ 
ity  you  should  look  for  is  whether  the  candidate  can  get  the 
job  done.  Over  the  years,  other  factors  have  become  far  too 
important  in  the  process, such  as  degrees,  prior  experience, 
past  employers  and  so  on. 

Most  of  the  people  who  can  do  the  job, are  qualified  to  do 
the  job,  who  want  the  job,  and  who  might  actually  add 
value  to  your  company  are  dismissed  in  the  resume  screen¬ 
ing  process.  Until  people  can  learn  how  to  hire  again,  noth¬ 
ing  is  ever  going  to  solve  the  problem. 

Dave  Sroelov 
President 
A  &  S  Computer  Services 

Wake  Forest,  N.C. 


nww  ah  t  More  reader  input 

WWlfjtt  1 1  Find  out  what  readers  have  to  say  about  this  and  other  topics.  DocFinder:  1030 


32  •  www.networkworld.com  •  8.29.05 


Google:  Building  a 
brick  at  a  time 


The  freight  train  that  is  Google  roared  into  new  territory 
last  week  with  the  addition  of  Google  Talk,  an  instant 
messaging  service  that  also  supports  voice  links,  and 
Desktop  2,  a  PC-based  tool  that  could  help  Google  gain  valu¬ 
able  desktop  real  estate. 

These  announcements  come  on  the  heels  of  news  that 
Google  plans  to  issue  another  $4  billion  worth  of  stock  to 
fund  future  developments. 

Theories  abound  about  what  Google  will  do  with  that 
windfall,  but  the  sky  appears  to  be  the  limit.  While  Microsoft 
is  occupied  fixing  problems  with  legacy  products,  Google  is 
churning  out  new  wares  that  result  in  water-cooler  buzz  — 
everything  from  a  news  aggregation  service  to  Google 
Mobile  for  cell  phone  access  and  a  program  called  Google 
Earth  (http://earth.google.com)  that  lets  users  zoom  in  from 
space  to  a  specific  location. 

It  isn’t  clear  how  Google  will  make  money  with  things  such 
as  Earth,  but  tools  such  as  Google  Talk  and  Desktop  2  help 
round  out  the  company’s  growing  collection  of  PC-based 
software  and  position  Google  for  future  advances. 

Desktop  2  is  a  downloadable  Windows  application  that 
combines  hard  drive  search  (the  primary  focus  of  the  origi¬ 
nal  Desktop  beta)  with  Outlook  search  and  what  Google  calls 
personalized  Web  search.The  latter  learns  from  what  you 
view  online  —  from  news  stories  and  RSS  feeds  to  Web  pages 
and  photos  —  and  automatically  populates  a  vertical  screen 
sidebar  with  information  it  deems  relevant  to  your  interests. 

That  sidebar  also  supports  Google’s  free  Gmail  service  and, 
by  extension, Talk.Talk  adds  IM  capabilities  to  Gmail  and  sup¬ 
port  for  audio  chat  (via  VoIP)  between  Gmail  users. 

Talk  is  based  on  the  Jabber  open  source  code  and,  as  such, 
users  will  be  able  to  exchange  messages  with  other  IM 
clients  that  support  the  Extensible  Messaging  and  Presence 
Protocol,  including  Trillian.Adium  and  iChat. 

While  the  company  faces  what  would  appear  to  be  insur¬ 
mountable  odds  in  deciding  to  compete  with  IM  leaders  — 
AOL  has  roughly  40  million  users, Yahoo  close  to  20  million 
and  Microsoft  MSN  almost  15  million  —  that  really  isn’t  the 
point.The  company  is  adding  incremental  value  where  it 
can  with  the  idea  that  the  whole  will  ultimately  be  greater 
than  the  sum  of  the  parts. 

The  Holy  Grail  is  having  a  prominent  enough  role  in  the 
user  interface  that  developers  start  to  build  to  the  environ¬ 
ment,  further  fleshing  it  out  and  making  it  more  important. 
These  new  tools  help  move  the  company  toward  that  goal. 
And  who  could  forget  that  Google  hired  one  of  the  principal 
designers  of  the  Firefox  browser,  so  the  ultimate  leap  might 
not  be  too  far  off. 


—  John  Dix 
Editor  in  chief 
jdix@nww.com 


UDimons 


Thou  shalt  not  steal 

After  reading  the  story  “Mooching  Wi-Fi”  (www.net- 
workworld.com,  DocFinder:  8626),  I  began  to  won¬ 
der  if  we  could  apply  this  type  of  thinking  to  other 
aspects  of  our  lives.  Can  1  borrow  my  neighbor’s  car 
simply  because  he  left  the  keys  in  it?  What  about  lit¬ 
tle  Timmy’s  bike  that  he  left  out?  He  isn’t  using  it;  I 
will  bring  it  back,  and  there  is  no  sign  saying, “Do  not 
steal  my  bike.” 

One  of  the  biggest  crimes  in  America  today  is  the 
total  loss  of  moral  and  ethical  values.  Why  can’t  we 
stick  to  the  simple  fact  that  if  someone  else  paid  for 
it,  and  they  have  not  invited  you  to  share  it,  you 
should  stay  out?  I  have  a  wireless  LAN  (WLAN)  in 
my  home,  and  it  is  locked  down  as  best  1  know  how. 
1  also  have  a  neighbor  close  by  who  broadcasts  his 
SID,  uses  all  the  defaults  and  will  hand  out  address¬ 
es  left  and  right  to  anyone  with  an  access  card.  I 
could  cancel  my  service  and  use  his,  but  I  did  not 
pay  for  it,  and  he  did  not  invite  me  to  share.  I  suspect 
his  openness  is  due  more  to  a  lack  of  understanding 
in  WLAN  configuration  than  a  desire  for  everyone  in 
the  neighborhood  to  have  Internet  access  on  his 
dime,  but  that  is  no  reason  for  me  to  use  his  access. 

This  reminds  me  of  the  hackers’  defense  years  ago, 
before  security  banners  really  became  necessary. 
The  hackers  claimed  they  did  not  know  they  were 
not  supposed  to  access  those  computers  because 
no  one  said  “no.”  Come  on! 

Scott  Magerfleisch 
Denver 

'Net  crashers 

Regarding  Mark  Gibbs’  BackSpin  column,  “Many 
could  crash  the  ‘Net...  but  they  lack  motivation” 
(DocFinder  8627):  It  would  appear  Gibbs’  definition 
of  “crash  the  Internet”  is  “render  every  Cisco  router 


that  matters  ineffective  at  the  same  time.”  For  this  to 
happen,  there  would  have  to  be  a  combination  of 
exploitable  vulnerabilities  applicable  to  all  Cisco 
routers,  with  the  exploits)  available  to  the  motivat¬ 
ed  attacker(s).  If  I  recall,  Michael  Lynn  was  address¬ 
ing  a  vulnerability  for  which  a  patch  was  already 
available  —  his  main  complaint  seems  to  be  that  it 
isn’t  widely  deployed.  Yes,  it  is  bad  that  the  Internet 
is  a  Cisco  monoculture,  but  how  long  do  you  think 
that  would  last  if  even  a  significant  fraction  of  the 
‘Net  were  offline  for  an  hour  or  more? 

Donald  Welker 
Warwick,  R.I. 

Not  a  hero 

Regarding  Mark  Gibbs’  BackSpin  column  “Stepping 
in  front  of  the  freight  train”  (DocFinder:  8628):  What 
Michael  Lynn  demonstrated  was  that  he  could 
remotely  access  a  Cisco  router  at  the  highest  level, 
which  allowed  him  to  do  anything  from  degrading 
performance  or  monitoring  traffic  to  disabling  the 
router  completely 

The  problem  is  that  because  much  of  the  Internet 
relies  on  Cisco  routers,  this  is  pretty  serious  stuff. 
Cisco  did  fix  this  issue  some  months  ago,  but  many 
companies  have  yet  to  upgrade  their  router 
firmware.  Lynn  said  if  the  router  owners  “upgrade 
their  firmware,  they’ll  probably  be  fine." 

His  responsibility  was  to  advise  Cisco  —  to  give  the 
company  time  to  evaluate  and  correct  the  problem, 
and  if  it  refused  action,  then  and  only  then  to  broad¬ 
cast  the  vulnerability  He  chose  glory  as  a  hacker 
accomplice.  Lynn  should  be  barred  from  IT  world. 

Leslie  Satenstein 
Montreal 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief.  Network  World,  1 1 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 
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COLLABORATION  AND 
SECURITY 
Robin  Layland 


CACHE  ADVANCE 
Linda  Musthaler 


Open  up  your  network 


We  are  making  it  too  hard  to  collaborate 
with  others.  Our  networks  are  closed  forts 
to  anyone  outside  of  the  corporation. 
Consider  this  example:  A  vendor  needed 
access  to  a  device  behind  a  client’s  firewall. First, 
the  vendor’s  internal  contact  had  to  apply  to  the 
client’s  security  administrator  and  provide  infor¬ 
mation  on  the  person  needing  access,  the  com¬ 
pany  and  the  equivalent  to  swearing  an  oath  that 
the  person  is  a  good  person.  After  the  applica¬ 
tion  was  reviewed  and  approved,  the  vendor  had 
to  call  the  security  administrator  to  get  a  token. 
The  vendor  then  had  to  act  immediately  be¬ 
cause  the  token  doesn’t  last  long;  even  a  short 
delay  would  start  the  process  over  again. 

What  is  the  moral  of  this  story?  You  better  be 
motivated  to  let  the  other  person  in  because  it 
will  not  be  easy,  it  will  take  a  lot  of  time  and  you 
better  have  a  good  case. 

What  would  a  solution  look  like?  Each  PC  or 
server  would  need  software  that  allows  the 
owner  to  specify  who  can  come  in  and  what 
application  or  file  that  person  can  access.  There 
would  be  a  standard  way  to  specify  people,  a 


universal  name  or  number,  and  the  length  of 
time  an  authorization  is  good.  If  the  PC  accepts 
them,  then  the  firewall  would  take  no  further 
action.  If  the  PC  rejects  them,  then  the  firewall 
would  block  the  connection,  maybe  even  using 
intelligence  to  track  the  person’s  connection  to 
see  if  he  is  just  walking  through  the  corporation 

It  is  not  enough  to  hope 
vendors  will  step  up  to  the 

plate;  they  will  not  solve 
the  universal  registration 
problem. 

knocking  on  doors.  The  system  then  would 
block  his  attempt  to  find  an  unlocked  “house.” 
The  firewall  also  could  monitor  the  connection 
to  make  sure  it  doesn’t  access  something  it 
shouldn’t. 

The  reason  we  don’t  want  to  think  about  this 
approach  is  that  it  requires  us  to  do  something 
we  aren’t  good  at  —  knowing  who  is  behind  the 


connection.  Registration  and  authentication  on 
a  global  scale  is  needed  to  open  up  the  world 
and  help  make  it  safe.  We  should  be  working  in 
industry  forums  or  through  the  government  to 
solve  this  problem.  Acting  like  it  is  not  our  prob¬ 
lem  doesn’t  make  it  go  away  and  we  will  have  to 
face  it  one  day. We  will  all  soon  have  to  reach  out 
beyond  our  walled  cities  and  open  up  to  the 
world  and  our  customers. 

Companies  have  a  large  stake  in  solving  this 
problem  but  are  doing  little.  It  is  not  enough  to 
hope  vendors  will  step  up  to  the  plate;  they  will 
not  solve  the  universal  registration  problem. 
Users  need  to  speak  up  and  tell  vendors  and 
government  we  need  a  solution.  We  need  to 
rethink  how  we  do  security  and  move  away  from 
walling  ourselves  off  and  instead  start  opening 
up  the  walls.  The  companies  that  effectively  do 
this  will  open  up  a  whole  new  world. 

Layland  is  president  of  Layland  Consulting,  spe¬ 
cializing  in  new  technology  and  its  impact  on 
enterprise  networks.  He  can  be  reached  at 
robin  @layland.  com. 


Reconsidering  the  IBM-Lenovo  deal 


Earlier  this  year,  I  expressed  misgivings 
about  the  sale  of  IBM’s  PC  division  to 
China-based  Lenovo  Group  (www.net- 
workworld.com;  DocFinder:  8557).  While  I 
thought  IBM  was  smart  for  unloading  its  unprof¬ 
itable  PC  group,  I  also  thought  ThinkPad  and 
ThinkCentre  customers  would  get  the  raw  end 
of  the  deal. 

However,  1  recently  spent  an  intense  day  talk¬ 
ing  with  Lenovo’s  senior  executives,  and  they 
have  allayed  my  fears.  In  fact,  these  discussions 
have  given  me  a  positive  outlook  on  Lenovo’s 
worldwide  role  in  the  PC  market.  Of  course,  it’s 
just  barely  three  months  since  the  sale  closed, 
so  time  will  tell  if  Lenovo  can  pull  off  its  grand 
plans. 

Initially,  I  had  three  concerns  about  the  sale:  1) 
the  inevitable  loss  of  innovation  if  Lenovo  cur¬ 
tails  the  funding  of  R&D  to  which  PCD  was 
accustomed;  2)  The  fear  that  Lenovo  might 
focus  simply  on  cost  cutting  in  order  to  stay 
competitive,  resulting  in  a  loss  of  corporate  cus¬ 
tomers  outside  of  China;  and  3)  a  potential 
“brain  drain”  if  former  IBMers  refuse  to  don  a 
Lenovo  badge.  Lenovo  addressed  each  of  my 
fears  with  a  very  palatable  response. 

Let’s  discuss  the  easy  issue  first  —  the  potential 
brain  drain.  Before  his  appointment  as  Lenovo 
president  and  CEO,  Steve  Ward  headed  PCD.  He 
had  the  dubious  distinction  of  telling  thousands 
of  his  fellow  IBM  employees  that  their  division 
had  been  sold  and  explaining  the  rationale  for 
the  sale.  Ward  expected  a  backlash;  instead,  he 
received  applause  and  cheers. 

Ward  attributes  the  unexpected  reaction  to 
the  employees’  passion  for  the  PC.  In  recent 
years,  IBM  did  its  best  to  stifle  that  passion  by  de¬ 


emphasizing  PCs  and  making  PCD  feel  like  the 
unwanted  stepchild.  Lenovo’s  adoption  of  this 
stepchild  meant  that  PCD  would  gain  a  promi¬ 
nent  position  in  a  growing  company  focused  on 
the  PC  platform.  PCD  employees  could  feel  like 
rock  stars  instead  of  back-up  singers  in  their 
new  company. Ward  says  that  less  than  a  handful 
of  employees  declined  the  offer  to  trade  an  IBM 
badge  for  a  Lenovo  badge.  So  much  for  the 
brain  drain. 

Next,  let’s  look  at  the  R&D  angle  of  the  acquisi¬ 
tion.  I’ve  always  considered  IBM’s  Think  PCs  to 
be  high  on  the  innovation  scale.  The  built-in 
ThinkVantage  technologies  are  truly  valuable 

It’s  just  barely  three 
months  since  the  sale 
closed,  so  time  will  tell  if 
Lenovo  can  pull  off  its 
grand  plans. 

features  that  make  the  PC  easier  to  use  and 
maintain  than  commodity  brands  of  PCs. 
Lenovo  thinks  so,  too.  That’s  why  the 
ThinkVantage  technologies  will  live  on  and 
grow  under  Lenovo.  Peter  Hortensius,  former 
IBM  employee  and  current  senior  vice  president 
of  worldwide  product  development  for  Lenovo, 
told  me  PCD  and  Lenovo  have  a  similar 
approach  to  developing  meaningful  technology 
to  solve  real  users’  problems.  Hortensius  and 
George  He,  Lenovo  senior  vice  president  of 
research  and  technology,  pledge  to  continue  to 
drive  innovation  that  will  make  PCs  easier  and 
more  cost  effective  to  use  —  for  both  con¬ 


sumers  and  business  customers. 

So  what  about  the  cost  issue?  Yes,  Ward  says, 
Lenovo  is  going  to  be  relentless  in  cutting  costs 
from  its  PCs,  but  will  do  so  through  efficiencies 
and  not  by  cutting  R&D  or  product  quality,  as  I 
had  feared. The  company  can  improve  its  man¬ 
ufacturing  efficiencies  by  having  plants  in 
China,  where  most  of  the  component  pieces  are 
made.  This  will  eliminate  shipping  of  compo¬ 
nents  before  assembly  Ward  believes  Lenovo 
business  PCs  can  be  priced  competitively  to 
those  of  Dell  and  HRwithout  sacrificing  features 
or  quality. 

Lenovo  has  already  developed  its  sales  models 
to  accommodate  the  vastly  different  needs  of 
consumer  and  business  customers,  and  prod¬ 
ucts  will  rally  around  these  models.  The  tradi¬ 
tional  Lenovo  PC  products  are  aimed  at  con¬ 
sumers  (outside  the  U.S.)  and  sold  through  a 
high-volume  “transaction"  model,  which 
includes  Internet  and  retail  sales.  The  Think 
brand  of  business  products  will  be  sold  through 
relationships  —  either  direct  or  through 
resellers.  What’s  more,  IBM  will  continue  to  offer 
these  products  through  a  long-term  sales  rela¬ 
tionship  with  Lenovo.  So  if  you’ve  been  buying 
your  PC  products  from  IBM  over  the  years,  noth¬ 
ing  has  to  change. 

I  always  thought  the  economics  of  this  sale 
made  sense.  Now  I’ve  come  around  to  thinking 
that  freeing  PCD  from  the  clutches  of  IBM  might 
be  good  for  the  PC  market, as  well  as  for  Lenovo. 

Musthaler  is  vice  president  of  Currid  & 
Company,  a  Houston-based  technology  assess¬ 
ment  firm.  She  can  be  reached  at  linda@ 
currid.com. 
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The  ASP  reincarna  ion 


The  application  service  provider  name  dies  out,  but  the  concept  lives  on 
among  second-generation  companies  offering  software  as  a  service, 


BY  ROB  GARRETSON 


Esker  Software  develops  document  and  delivery 
management  applications.  So  two  years  ago  when  it 
was  struggling  to  integrate  an  unwieldy  CRM  system 
with  other  back-office  applications,  the  suggestion 
that  it  didn't  need  to  “own"  the  software  but  instead 
could  outsource  the  functionality  seemed  like  heresy 


"It  just  stunned  me  that  someone  would  actually  think  of  putting  their 
data  off-site."  recalls  Mitch  Baxter.  Esker's  executive  vice  president  for 
business  development  and  a  member  of  the  company's  board.  “I’m  a  soft¬ 
ware  company  guy.  It  just  seemed  profane!" 

Vet  after  a  pair  of  short  pilots.  E  ker.  a  French  company  with  U.S.  head¬ 
quarters  in  Madison,  \\  is.,  scrapped  a  planned  upgrade  of  its  Siebel  CRM 
system  and  rolled  out  Salesforce.com  to  180  users  in  60  days,  joining  the 
ranks  of  thousands  of  companies  procuring  enterprise  applications  as 
Web-based  services  for  a  monthly  subscription  fee. 

Software  as  a  service  —  which  typically  eliminates  hefty  upfront  license 
costs  and  requires  little  or  no  hardware  or  IT  personnel  to  install,  config¬ 
ure  or  maintain  —  is  growing  in  popularity  among  large  corporations  and 
small  businesses  alike.  Last  year's  successful  public  stock  offerings  by 
fast-growing  providers  Salesforce.com  and  RightNow  Technologies  have 
shined  a  spotlight  on  a  software  delivery  model  reminiscent  of  the  buzz 
surrounding  application  service  providers  (ASPs)  in  the  late  1990s. 

Fallout  from  the  tech  stock  collapse  in  2000  claimed  many  of  the  esti¬ 
mated  1.000  to  1.500  ASPs  that  sprouted  in  the  late  1990s  to  offer  hosted 
enterprise  applications  over  the  Internet.  But  as  the  economy  has  recov¬ 
ered.  the  surviving  ASPs  have  been  joined  by  a  growing  cadre  of  compa¬ 
nies  delivering  software  as  a  service  .  Hardware  vendors  such  as  IBM  and 
Sun  Microsystems  are  preaching  the  on-demand  gospel,  along  with  tradi¬ 
tional  enterprise  software  companies  such  as  Siebel,  Oracle  and  SAP, 
which  offer  hosted  versions  of  their  applications  in  response  to  upstart 
competition  and  strong  user  demand. 

"Forgotten  but  not  gone."  is  how  Gartner  analyst  Ben  Pring  describes 
the  soft war  e-as-a-s e r vi c e  delivery  model  promoted  by  .ASPs.  “It  was  gath¬ 
ering  steam  and  momentum  all  the  time,  whilst  it  was  out  of  fashion.” 

Indeed,  the  new  generation  of  software  providers  led  bySalesforce.com 
and  RightNow  now  use  terms  such  as  "on-demand"  software  to  describe 
their  offerings.  Unlike  applications  hosted  bv  some  .ASPs  and  traditional 
enterprise  software  vendors,  these  have  been  built  from  the  ground  up  to 
be  shared  by  multiple  clients  and  delivered  over  the  Internet. 

Market  researcher  IDC  recently  dropped  the  term  .ASP  and  uses  "hosted 
application  management"  to  describe  companies  that  provide  out¬ 
sourced  hosting  of  packaged  software.  Hosted  e-mail  and  security 
providers  and  firms  such  as  early  .ASPs  USinternetworking  (USD.  NaviSite 
and  Corio  —  acquired  in  January  by  IBM  —  are  in  this  business. 

"There's  this  first  generation  of  Neanderthals  [that]  didn't  really  take 
advantage  of  the  environment  or  the  Internet."  says  Tien  Tzuo.  senior 
vice  president  of  product  management  at  Salesforce.com.  about  the  early 
.ASPs.  "Homo  sapiens  —  software  as  a  service  —  have  always  been 

8  around. We  fust  needed  those  Neanderthals  to  die  out." 
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Applications  delivered  as  a  service  are  forecast  for 
rapid  growth  that  could  make  a  more  sizable  dent  in 
the  overall  software  market.  Worldwide  spending  on 
software  delivered  as  a  service  reached  $4.2  billion  in 
2004,  up  40%  from  2003,  and  will  reach  $10.7  billion  by 
2009,  according  to  IDC.And  Gartner  predicts  that  one 
third  of  all  new  software  deployed  over  the  next  five 
years  will  be  delivered  as  service  rather  than  purchased 
and  installed  in-house,  Pring  says.  Subscription-based 
software  accounts  for  only  about  3%  to  5%  of  the  total 
software  market  today  he  says,  but  will  rise  to  about 
10%  over  the  next  five  years. 

Faster,  better,  cheaper 

Proponents  of  software  as  a  service  are  quick  with 
automotive  metaphors  for  the  traditional  way  of  buying 
and  deploying  enterprise  software:  buying  a  $500,000 
Ferrari  while  you  can  rent  one  just  when  you  need  to 
drive  it,  or  buying  a  car  in  pieces  —  engine,  drive  train, 
chassis,  steering  wheel  and  so  on  —  then  putting  it 
together  yourself  or  paying  a  mechanic  to  assemble  it 
for  you. 

A  large  corporation  pays  a  six-  or  seven-figure  license 
for  the  software  —  plus  the  cost  of  the  hardware  and 
network  infrastructure  to  run  it  —  and  then  the  spend¬ 
ing  really  starts  as  it  deploys  IT  staff  or  consultants  to 
customize,  configure  and  integrate  the  software  with 
current  applications.  Add  to  that  IT  staff  for  ongoing 
maintenance  and  the  vendor’s  18%  to  20%  annual 
maintenance  fee  for  upgrades  and  24-hour  support,  and 
companies  pay  $6  to  $8  in  extras  for  every  $1  they 
spend  on  the  traditionally  licensed  enterprise  software, 
says  Jason  Maynard,  a  senior  analyst  at  Merrill  Lynch, 
which  last  year  launched  an  on-demand  index  to  track 
the  growth  of  software  by  subscription. 

Software  as  a  service  eliminates  much  of  the  upfront 
cost,  can  be  deployed  much  faster  and  heightens  the 
vendor’s  incentive  to  provide  solid  support  and  a  good 
user  experience,  since  customers  can  switch  vendors 
with  relative  ease. Typically  customers  pay  a  monthly 
fee  for  each  user  on  the  system.  Providers  host  all  the 
software  and  data  on  their  own  servers,  giving  them 
economies  of  scale,  as  well  as  allowing  them  to  per¬ 
form  bug  fixes  or  major  upgrades  for  all  customers  at 
once. 

“If  you  can  provide  the  service  reliably  it  keeps  my  ini¬ 
tial  costs  down,  it  keeps  my  recurring  costs  down  and 
my  switching  costs  down,”  says  Bob  Lamoureux,  CTO  of 
America’s  Growth  Capital,  a  Boston  investment  banking 
firm  that  uses  a  hosted  CRM  application  from  Salesnet 
to  track  activities,  events  and  communications  associat¬ 
ed  with  clients  and  prospects.“It  works  really  well,  it’s 
reliable  and  it’s  very  flexible.  Those  are  the  key  ingredi¬ 
ents  of  a  successful  on-demand  played 

The  evolution  of  the  ASP 

Today's  software  as  a  service  has  largely  overcome 
the  hurdles  that  tripped  up  many  first-generation  ASPs. 
For  starters,  the  post-bubble  economic  climate  is  more 
hospitable  to  ASPs,  as  corporate  IT  budget  tightening 
has  made  the  lower  upfront  deployment  costs  of  on- 
demand  software  more  attractive.  In  addition,  technolo¬ 
gy  advances  such  as  Web  services  and  service-oriented 
architecture,  plus  five  years  of  added  maturity  for  both 
the  applications  and  executives  running  ASPs,  has 
helped  the  business  model  come  of  age. 

“When  we  started,  we  viewed  ourselves  as  faster,  bet¬ 
ter,  cheaperf  acknowledges  USi  CEO  Andrew  Stern.“But 
what  we’ve  come  to  understand  ...  is  that  the  real  prob¬ 
lem  that  our  clients  have  is  getting  the  value  out  of  the 


technology  that  they  thought  they  were  buying.” 

The  lack  of  flexibility  to  tailor  the  software  and  to  inte¬ 
grate  it  with  other  corporate  applications  was  one  of 
the  key  failings  of  the  first  generation  of  ASPs, 
Lamoureux  says.'They  were  solutions  that  the  ASP 
implemented  or  providers  deemed  were  the  features 
and  functions  that  you  wanted.There  wasn’t  a  lot  of 
flexibility  to  do  much  else  with  it,”  he  says.That  has 
changed  with  the  inception  of  Web  services  and  other 
technical  advances. 

“The  ASPs  of  today  are  much  more  targeted.They 
identify  a  critical  business  need  and  they  solve  it,” 
agrees  Frank  Gillman,vice  president  of  technology  at 
law  firm  Allen  Matkins  in  Los  AngeIes.“So  if  you’re  a 
company  that  has  that  problem,  you  can  solve  it  by  writ¬ 
ing  one  check  and  turning  something  on  in  two  hours.” 

Allen  Matkins  has  been  using  a  hosted  application 
from  FrontBridge  for  e-mail  processing  and  spam  fil¬ 
tering  since  2000.  Last  year  it  outsourced  the  firm’s 
Web  site  and  content  management  applications  using 
a  tool  designed  specifically  for  law  firms  called 
Hubbard  One  from  Thomson  Corp.,and  it  uses  other 
legal  practice  tools  that  its  lawyers  access  on-demand 
via  the  Web,  Gillman  says.  Its  monthly  bill  for  hosted 
applications  is  between  $5,000  and  $6,000,  depending 
on  how  much  e-mail  is  archived  by  FrontBridge. 

“To  me,  what  you’re  buying  with  an  ASP  is  not  just 
the  software,  it’s  the  expertise  that  comes  with  it,” 
Gillman  says. 

Serving  all  shapes  and  sizes 

Though  many  of  the  first  ASPs  were  targeted  at  mid¬ 
sized  companies  —  large  enough  to  need  complex 
enterprise  applications  but  not  big  enough  to  support 
large  internal  IT  staffs  —  on-demand  software  is  grow¬ 
ing  in  popularity  with  companies  of  all  sizes.  USi, 
which  specializes  in  hosting  and  managing  complex 
applications  such  as  FteopleSoft,  Oracle,  Ariba  and 
Siebel,  along  with  some  Microsoft  Exchange, says  that 
nearly  60%  of  its  revenue  comes  from  businesses  with 
annual  revenue  of  $1  billion  or  more. 

IDC’s  latest  study  of  software  as  a  service  found  that 
more  than  40%  of  the  IT  executives  surveyed  at  large 
companies  are  currently  buying  software  as  a  service, 
while  another  nearly  50%  are  reviewing  service  offer¬ 
ings.  Less  than  10%  were  neither  purchasing  nor 
reviewing  software  as  a  service.  Midsized  companies 
lagged  their  larger  counterparts  only  slightly  in  adop¬ 
tion  of  software  as  a  service,  and  small  businesses 
were  not  far  behind. 

Salesforce  automation  and  CRM  are  among  the  most 
popular  applications  delivered  as  a  service,  judging 
from  the  success  of  companies  such  as  Salesforce.com 
and  RightNow,  but  in  various  surveys  of  IT  manage¬ 
ment,  payroll  and  accounting,  human  resources,  e-mail, 
security  and  Web  conferencing/development  also 
crowd  the  top  of  the  list. 

Large  companies  often  use  a  mix  of  on-demand  soft¬ 
ware  with  traditionally  licensed  enterprise  applications, 
sometimes  from  the  same  vendor.  Industrial  equipment 
giant  Ingersoll-Rand  has  close  to  1,000  users  of  Siebel 
OnDemand  to  go  with  several  thousand  users  of  the 
“on-premise”  CRM  software. 

“We’re  an  incredibly  ROI-driven  business.  Everything 
we’re  doing  is  based  on  getting  that  ROI  within  a  year,  if 
not  sooner’  says  Robert  Martens,  Ingersoll-Rand’s  direc¬ 
tor  of  CRM  at  its  Enterprise  Services  Center  in 
Davidson,  N.C.“So  in  a  lot  of  the  businesses  that  want 
to  get  to  market  quicker,  the  most  cost-effective  and 
safest  way  for  them  to  do  that  is  to  move  into  an 


Deployment  trends 

I  DC's  survey  of  468  IT  professionals  identified  the 
leading  reasons  why  companies  are  embracing 
software  as  a  service  and  what  types  of  applications 
they're  deploying  in  this  manner. 

Top  five  factors  spurring  software  as  a  service  adoption 


Adoption  by  service  type 


Intrusion  detection 


Web  conferencing 


Workforce  management 


Groupware 
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Content  or  document  management 


:Web  analytics 

;  ;  i  j  s  | 

Product  life-cycle  management 

10%  20%  30%  40%  50%  60% 

SOURCE:  IDC,  JULY  2005 


36  •  www.networkworld.com  •  8.29.05 


on-demand  model.” 

Siebel  released  its  first 
OnDemand  product  early  last 
year  and  most  of  the  major 
enterprise  software  vendors 
have  added  some  form  of  host¬ 
ed  or  on-demand  offering  to 
their  product  lines.  Oracle  was 
an  early  convert  to  on-demand. 


In  fact,  CEO  Larry  Ellison  was 
an  early-stage  investor  in 
Salesforce.com  and  a  co¬ 
founder  of  NetSuite.then 
called  NetLedger.  SAP  rumored 
to  be  working  on  an  on- 
demand  product,  has  been  the 
laggard,  currently  offering  only 
application  hosting  and  man¬ 


agement  for  a  fixed  monthly 
fee  through  a  separate  SAP 
hosting  organization. 

Cost  comparison 

The  software  as  a  service  set 
dismisses  hosted  applications 
from  the  traditional  vendors  as 
more  costly  and  complex  than 


software  designed  from  scratch 
to  be  delivered  as  an  Internet 
service,  and  without  the  seam¬ 
less  migration  to  new  versions 
such  applications  offer. 

NetSuite,  for  example,  costs 
about  $99  per  user,  per  month 
for  the  full  suite  of  ERP  and 
CRM  applications,  though  there 


are  some  advanced  accounting 
modules,  such  as  revenue 
recognition,  that  carry  an  addi¬ 
tional  flat  fee  of  $500  per 
month.  SimilarlySalesforce.com 
has  a  Professional  Edition  that 
costs  $65  per  user,  per  month 
and  an  Enterprise  Edition  that 
adds  integration  capabilities  for 
SARPeopleSoft  and  other  enter¬ 
prise  applications  for  $125  per 
user,  per  month. 

Despite  his  initial  hesitancy 
about  the  on-demand  model, 
Esker  Software’s  Baxter  now 
can’t  get  enough  of  it.The  com¬ 
pany  runs  all  its  salesforce 
automation,  customer  service 
and  tech  support  functions 
using  Salesforce.com. 

“We’ve  customized  the  heck 
out  of  this  thing,  and  there’s  no 
end  in  sight,”  Baxter  says.“l 
would  say  we’re  probably 
rolling  out  a  new  application  or 
sub-application  about  once  a 
month.” 

Esker  pays  substantially  less 
than  the  $22,500  monthly  list 
price  for  its  180  users,  though 
Baxter  declined  to  specify  its 
level  of  discount,  citing  contrac¬ 
tual  restrictions.The  one-year 
total  cost  of  the  Siebel  upgrade 
Esker  considered  was  $255,000 
for  only  165  users,  or  about 
$129  per  user,  per  month.  And 
70%,  or  $180,000,  of  that  cost 
was  for  IT  infrastructure  and 
personnel  to  host  and  manage 
the  application.“So  even  if  we 
were  paying  list  for  our 
Salesforce.com  Enterprise 
licenses,  we’d  be  saving  monejf 
he  says. 

“Our  bill  hasn’t  gone  up  at  all, 
and  yet  our  use  of  the  thing 
and  our  return  has  probably 
gone  up  by  a  factor  of  five  or 
10,”  Baxter  says.They  basically 
get  you  paying  them  a  per-user 
fee,  and  then  it’s  all  you  can  eat. 
It’s  a  buffet.  And  we  eat  a  lot.” 

Garretson  is  a  freelance  writer  in 
Gaithersburg,  Md.  He  can  be  reached 
at  rgarretson@teamtrsg.com. 
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Enterprise  Edition  (10  users,  up  to  4  CPUs)  $1,399 

Pros:  Mainstream  open  source  application 

support;  improved  security;  decent  32-bit 
performance. 

Cons:  Runs  in  32-bit  mode  only;  presents  small 
bugs  and  limitations. 


BY  TOM  HENDERSON,  NETWORK  WORLD  LAB  ALLIANCE 

The  SCO  Groups  recently  released  OpenServer  6  leverages  updates  to  a 
newly  minted  Unix  System  V  Release  5  kernel,  performs  reasonably  well  in 
the  32-bit  realm  and  supports  new  security  features.  However,  SCO  needs  to 
take  some  time  to  smooth  out  some  functionality  details. 


The  Breakdown 

Installation/integration  25% 

4 

Performance  25% 

3 

Management/administration  25% 

3.5 

Security  25% 

3.5 

Total  score 

3.5 

Scoring  Key: 
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1:  Subpar  or  not 
available. 


OpenServer  contrasts  with  SCO’s  UnixWare  (see  test  at 
www.networkworld.com,  DocFinder:  8622)  in  that  its 
memory  requirements  and  CPU  support  are  more  akin  to 
the  needs  of  small  and  midsize  businesses.  We  found  it  odd 
that  OpenServer  6  is  priced  by  the  number  of  users,  actual 
CPUs  and  memory,  instead  of  the  industry  standard  per¬ 
user  or  per-CPU  core(s)  model. 

OpenServer  6  exhibited  no  difficulty  in  identifying  the 
hardware  on  any  of  the  server  platforms  we  used  for  test- 
ing.There  is  no  specific  provision  for  64-bit  processors,  but 
OpenServer  6  found  and  used  our  dual  and  multi-CPU  64- 
bit  machines,  tapping  those  processors  via  x86/32-bit  emu¬ 
lation.  USB  printers  aren’t  correctly  supported,  but  SCO 
says  it  is  addressing  that  issue.  Not  fully  supporting  a  pxE 
boot  or  other  network  installation  in  this  version  of  the 
operating  system  is  a  shortcoming. 

User  administration  initially  struck  fear  into  us,  as  we 
found  that  a  user  can  be  created  with  any  password  length 
above  three  characters.  Subsequently,  we  found  that  when 
users  change  their  passwords,  those  selections  can  be 
highly  constrained  through  the  SCO  Security  Profile 
Manager  utility  to  suit  high  standards  for  password  dictio¬ 
nary  attack  prevention  that  the  underlying  SVR5  supports. 
OpenServer  6  lets  administrators  force  passwords  with 
added  characters,  numbers  and  randomness. 

The  only  real  change  to  the  standard  open  source  bundle 
(which  typically  comprises  Apache,  Tomcat,  Java,  Java 
Server  Pages,  Mozilla,  SAMBA,  FostGreSQL  and  MySQL) 
included  with  OpenServer  6  is  that  Apache  2.0.3  is  installed 
to  serve  up  help  files  that  are  HTML  representations  of  actu¬ 
al  Open  Server  6  system  documents.  This  annoying  imple¬ 
mentation,  however,  has  “localhost”  references  that  tie  the 
use  of  these  HTML  files  to  those  browsing  the  documents 
on  the  host  only,  therefore  there  is  no  remote  administrative 
access  to  them.  The  documents  also  incorrectly  describe 
how  to  get  SCO’s  Doc  View,  a  help/file  viewer,  to  work. 

Security  measures 

OpenServer  6  uses  a  hardened  kernel  but  we  could  find 
no  documentation  on  the  hardening  method.  We  noted 
and  tested  that  the  kernel  has  run-time  loadable  drivers, 
which  might  make  it  vulnerable  to  malicious  drivers. 

The  integral  firewall  employs  network  address  translation 
and  specific  port  admittance  control  and  does  stateful 


inspection.  The  underlying  programs  are  BSD-licensed  IP 
Filters  (ipf)  .All  of  the  components  of  IP  Filters  are  there, save 
for  the  ipftest  module,  which  while  useful,  is  a  testing  appli¬ 
cation  that’s  better  replaced  by  other  external  penetration 
testing  applications. 

The  OpenServer  6  default  firewall  rules  are  good.  No 
threatening  holes  are  left  open  in  default  settings  as  our 
tests  demonstrated. 

Security  for  applications  and  processes  is  aided  by  an 
implementation  of  multi-tiered  privilege  hierarchy  for  users 
and  processes,  a  trend  that  we’ve  seen  in  RedHat  Advanced 
Server,  SuSE  Linux  Enterprise  Server  and  other  recent  oper¬ 
ating  system  releases.  As  an  example,  different  commands 
such  as  the  file/folder  permissions-giving  chmodstet/cb 
command  can  be  added  or  removed  from  an  executable’s 
permission  list  for  individual  users,  unfortunately  not  for 
groups,  making  large  systems  administration  potentially 
tedious  (as  it  must  be  done  by  user,  not  groups). 

Many  system  commands  with  security  implications  are 
covered,  but  we  were  unable  to  find  a  method  to  add  to 
OpenServer’s  6  comprehensive  list.  While  easy  to  manage, 
this  root  or  user  selection  process  for  security  permissions 
is  limiting. 

SCO’s  OpenServer  now  supports  IPSec-based  VPN  con¬ 
nections.  We  found  that  VPN  setup  was  simple  and  the  fea¬ 
ture  easy  to  use.  This  permits  encrypted  VPN  sessions  for 
remote  worker  or  remote  branch  connectivity  support,  if 
intervening  firewalls  permit  this  connectivity 

It’s  also  possible  to  make  and  mount  an  encrypted  file 
system  either  for  application  or  personal  (not  group)  use. 
We  created  an  encrypted  file  system,  mounted  the  file  sys¬ 
tem,  then  populated  it  with  files. We  discovered  that  on  our 
fastest  test  platform  (see  “How  we  did  it”  at  DocFinder: 
8623),  the  file  system  encryption  didn’t  have  much  of  an 
effect  on  system  performance,  even  when  we  spawned 
more  than  100  concurrent  read/write  file  actions  with  a 
script. 

In  addition  to  the  new  file  encryption  method,  a  com¬ 
mercialized  version  of  the  Veritas  File  System  called  VxFS  5 
(also  called  Journaled  File  System)  becomes  the  default 
root  file  system.VxFS  supports  very  large  file  sizes, as  well  as 
up  to  8  exabytes  stored  within  it  —  resources  permitting, 
and  SCO  quotes  IT  byte  as  a  maximum.  We  also  could 
mount  NFS  V3,AFS  (Acer  Fast  file  system),  as  well  as  the 


usual  FAT,  FAT  16  and  Windows  NT  File  System. 

Performance 

OpenSSL  and  OpenSSH  are  now  supported  with 
OpenServer  6,  and  we  tested  the  server  performance  with 
an  OpenSSL-backed,  unoptimized  Apache  server  using 
Spirent  Communications’  Avalanche  gear.  This  test,  which 
builds  rudimentary  SSL  transactions  and  page  reads  over  a 
10  minute  period,  exercises  a  system’s  CPU,  its  cache  man¬ 
agement,  and  its  ability  to  build  and  maintain  secure  Web- 
based,  HTTP  transactions. 

Compared  with  its  32-bit  alternatives,  SCO  OpenServer  6 
performed  well.  For  example,  OpenLinux  6  maintained 
54,208  transactions  per  minute  over  10  minutes  compared 
with  Novell’s  SUES  9.0,  which  registered  57,961  per  minute 
in  that  same  time  period. 

However,  as  might  be  expected  it  was  badly  beaten  in  our 
tests  by  the  64-bit  operating  systems  kernels  from  Sun 
Solaris,  Novell/SuSE  Linux  Enterprise  Server  and  Red  Hat 
Advanced  server,  which  all  achieve  performance  numbers 
between  59%  and  133%  higher  than  the  numbers 
OpenServer  6  posted  in  our  tests. 

We  also  tested  OpenServer  6  on  our  Polywell  2200s  64-bit 
dual  AMD64  platform  (in  32-bit  mode  as  mentioned)  with 
two  other  performance  tests  that  measure  its  ability  to  build 
and  hold  network  connections.  In  these  tests,  OpenServer  6 
was  almost  on  par  with  the  numbers  Red  Hat  Enterprise 
Linux  4  (32-bit)  posted  both  in  terms  of  the  maximum 
number  of  open  TCP  connections  it  could  maintain 
(OpenServer  hit  89,519  connections  compared  with  RHEL 
4’s  90,745),  as  well  as  the  maximum  number  of  TCP  con¬ 
nections  per  second  it  could  register  (OpenServer  could 
hold  1,664  connections  per  second  compared  with  RHEL 
4’s  1,890).  But  again, compared  with  RHEL  9’s  performance 
in  64-bit  mode,  OpenServer  6  falls  well  behind. 

OpenServer  6  offers  many  of  the  popular  niceties  of  Linux 
competition  editions.  And  with  its  built-in  Unix  legacy  it  will 
offer  a  familiar  feel  to  some.  But  the  lack  of  a  64-bit  kernel,  a 
comparatively  high  price, small  oddities  and  strange  licens¬ 
ing  model  should  certainly  raise  issues  with  this  product. 

Henderson  is  principal  researcher  for  ExtremeLabs  of 
Indianapolis.  He  can  be  reached  at  thenderson@extreme 
labs.com.  Laszlo  Szenes  contributed  to  this  story. 
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Uneasy  access 

Companies  challenged  with  connecting  in  remote  parts  of  the  globe. 


BY  ELLEN  MESSMER 

f  providing  laptops  and  bandwidth  for  employees  located 
within  an  urban  center  in  America  can  be  tough,  imagine 
doing  it  in  the  oil  fields  of  Kazakhstan  in  Central  Asia. 

Operating  a  network  in  Kazakhstan, a  country  bordering  China  and  Russia,  is  just  one 
thing  that  Nigel  Fletcher,  mobile  segment  manager  at  the  U.K.  gas-exploration  firm  BG 
Group,  thinks  about  in  his  job  to  make  sure  mobile  workers  get  access  to  the  corporate 
network.  BG  Group  has  about  4,000  employees,  60%  of  whom  are  outside  of  Britain, 
many  on  ceaseless  travel  to  distant  locations  around  the  globe. 

“We  have  a  group  of  about  500  engineers  who  are  rarely  in  one  place  for  more  than 
a  few  weeks,”  Fletcher  says.  Often,  remote  access  really  does  mean  remote. 

While  BG  Group  has  a  WAN 
supplied  by  Equant  in  the  U.S. 
and  Europe,  extending  network 
access  to  mobile  workers  in 
many  parts  of  the  world  is  a  chal¬ 
lenge  because  modern  telecom 
and  the  Internet  can  be  hard  to 
come  by 

But  it’s  critical  to  give  on-the-go 
executives  and  engineers  access 
to  internal  applications,  such  as 
SAP  or  Microsoft  Exchange,  so 
they  can  do  their  jobs,  Fletcher 
says. 

Kazakhstan,  which  has 
emerged  as  an  important  area 
for  oil-exploration  firms  that  also 
include  Chevron  ExxonMobil 
and  Royal  Dutch/Shell,  doesn’t 
have  a  substantially  built-out 
telecom  infrastructure.  So  sever¬ 
al  of  the  firms  banded  together 
to  build  a  shared  gigabit-fiber 
network  with  a  satellite  link  to 
Moscow  as  the  nearest  point  of 
presence.  “We  pooled  our 
resources,”  Fletcher  says. 

BG  Group  also  relies  on  satel¬ 
lite  access  to  connect  offices  in 
urban  areas  such  as  Singapore  and  Mumbai,  India,  to  its  landline  corporate  network. 
While  BG  Group  requires  use  of  a  VPN  connection  for  secure  access  via  remote  laptop, 
the  company  earlier  this  year  expanded  its  security  strategy  through  use  of  the  iPass 
endpoint  management  software. 

The  iPass  software  client  combines  policy  enforcement  of  VPN,  anti-virus  and  patch 
management  with  options  for  use  of  the  iPass  Corporate  Access  Service.  This  service 
offers  secure  dial-up,  broadband  connections  or  wireless  access  to  thousands  of  Wi-Fi 
hot  spots  in  airports,  cafes  and  hotel  LANs  in  more  than  50  countries. 

Through  agreements  with  providers  that  include  China  Telecom  and  NTT  in  Japan, 
plus  about  300  other  providers  globally,  the  iPass  Corporate  Access  Service  allows  net¬ 


work  access  via  a  single  logon,  with  itemized  billing  for  the  corporate  IT  department. 

“It  was  a  strategic  decision  for  us  for  this,”  Fletcher  says.  In  some  areas  of  the  world, 
such  as  Central  Asia,  the  Wi-Fi  hot  spots  in  cafes  and  airports  provide  the  best  oppor¬ 
tunities  for  engineers  to  get  network  access  when  they  are  traveling. 

BG  Group  regards  iPass  as  a  less-expensive  replacement  for  long-distance  calls  via 
remote  access  server  into  the  intranet.  IPass  is  being  rolled  out  to  BG  Group  employees 
in  South  America,  Asia,  the  Middle  East,  Africa  and  the  Caribbean.  Third-party  systems 
integrator  ETT,  which  operates  a  multilingual  round-the-clock  operations  center  in 
London,  is  providing  global  support. 

Northern  exposure 

As  in  Kazakhstan,  the  struggle  to  keep  a' network  up  and  running  in  the  Arctic  wilder¬ 
ness  also  proves  to  be  challenging. 

The  Barrow  Arctic  Science  Consortium  (BASC),  housed  in  the  Naval  Arctic  Research 
Lab  facility  in  Alaska,  hosts  about  300  university  and  government  scientists  who  period¬ 
ically  arrive  to  do  work  with  the 
expectation  they’ll  have  the  full 
Internet  access  they’re  used  to  in  the 
rest  of  the  U.S. 

That’s  despite  the  fact  that  BASC  is 
“330  miles  above  the  tree  line,  flat  as  a 
desert  with  vicious  winds  and  no 
landline  access,”  says  Bob  Bulger,  the 
facility’s  IT  coordinator. 

An  AT&T  satellite  link  to  an  earth  sta¬ 
tion  on  the  edge  of  town  is  the  con¬ 
nection  to  the  outside  world,  but  the 
hard  part  is  maintaining  a  stable  wire¬ 
less  LAN  because  the  “local  power 
supply  is  poor  and  it  fried  my  wireless 
routers,”  Bulger  says. 

Bulger  also  maintains  a  wireline 
LAN  because  some  government  agen¬ 
cies,  such  as  the  Department  of 
Energy,  have  prohibitions  on  WLANs 
for  security  reasons. 

Unlike  the  situation  for  most  IT  staff 
in  the  more  populated  states,  it’s  rare 
for  any  vendor  to  reach  out  to  try 
and  sell  something,  Bulger  says.“Dell 
doesn’t  even  recognize  Alaska  com¬ 
mercially”  he  says. 

However,  a  few  vendors  “have 
stepped  up  to  the  plate”  to  provide 
needed  software  and  services,  Bulger  says.  He  credits  HR  from  which  BASC  buys  lap¬ 
tops,  switches  and  servers,  as  a  help  —  especially  because  an  HP  representative  from 
San  Jose  rushed  to  the  airport  with  a  2650  switch  as  overnight  cargo  to  Alaska  when 
the  switch  was  sorely  needed. 

Other  suppliers  Bulger  counts  on  include  Symantec  for  security  gear  and  AIS,  a  value- 
added  reseller  in  Boulder, Colo.  AIS  representatives  traveled  to  Barrow  to  analyze  BASC’s 
network  requirements  and  helped  set  up  the  internal  network. 

Nevertheless,  Bulger  says  he  can’t  rely  on  any  vendor  to  provide  remote  manage¬ 
ment  of  equipment  because  the  latency  caused  by  the  satellite  link  makes  that  too 
difficult.  ■ 
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Each  component  of  the  AlterPath  System  is  designed  to  seamlessly  integrate 
into  the  enterprise,  able  to  scale  in  any  direction.  Whether  you  need  serial 
console  management  of  networking  equipment,  KVM  for  access  to  Windows® 
servers,  branch  management,  IPMI  or  HP  iLO  for  service  processor 
management,  or  advanced  power  management,  the  AlterPath  System  delivers. 
Cyclades  brings  it  all  together,  making  OOBI  administration  seem  like  child’s  play. 


Over  85%  of  Fortune  100 
choose  Cyclades. 
www.cyclades.com/nw 

1.888.cyclades  •  sales@cyclades.com 
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OS  Cyclades  Corporation.  W  rights  reserved.  All  other  trafatioris  ond  produd  rmoges  ore  property  ol  their  respective  owners.  Product  information  subject  to  change  without  notice. 


The  Next-Generation  IT  Infrastructure 


Cyclades  AlterPath™  System  is  the  industry's  most  comprehensive  Out-of-Band 
Infrastructure  (OOBI)  system.  The  AlterPath  System  allows  remote  data  center 
administration,  eliminating  the  need  for  most  time-consuming,  remedial  site 
visits.  When  fully  deployed  in  your  data  center,  Cyclades  AlterPath  System  lowers 
the  risks  associated  with  outages,  improves  productivity  and  operational 
efficiency,  and  cuts  costs. 
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KVM  OVER  IP 
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MATRIX  KVM  SWITCH  WITH 
INTEGRATED  REMOTE  ACCESS  OVER  IP 


System-wide  connectivity  over  IP  worldwide  and  locally 
Connects  1,000  computers  to  up  to  256  user  stations 
Supports  PC,  Sun,  Apple,  USB,  UNIX,  serial  devices 
High  quality  video  up  to  1280  x  1024 
Secure  encrypted  operation 

View  real-time  video  from  4  computer  connections  with 
quad-screen  mode 


UltraMatrix™ 

E-series 

KVM  SWITCH 


PROFESSIONAL  MULTI-USER  KVM  SWITCH 
2  -  4  KVM  STATIONS  TO  1,000s  OF  COMPUTERS 


PC  or  multi-platform  (  PC/Unix,  Sun,  Apple,  others) 

On-screen  menu  informs  you  of  connection  status  between  units 

in  an  expanded  system 

Powerful,  expandable,  low  cost 

No  need  to  power  down  most  servers  to  install 

Security  features  prevent  unauthorized  access 

Free  lifetime  upgrade  of  firmware 

Video  resolution  up  to  1600  x  1280 

Available  in  several  models 

Easy  to  expand 


The  UltraMatrix  Remote  represents  the  next  generation  in  KVM  switches  with  IP  access.  It 
provides  a  comprehensive  solution  for  remote  server  access  over  IP  and  local  as  well. 


■  KVM  RACK  DRAWERS  WITH  KVM  SWITCH  OPTION 

RackViews  offer  the  latest,  most  efficient  way  to  organize  and  streamline  your 
server  rooms  and  multiple  computers. 

The  RackView  is  a  rack  mountable  KVM  console  neatly  fitted  in  a  compact  pull-out 
drawer.  This  easy-glide  KVM  drawer  contain  a  high-resolution  TFT/LCD  monitor,  a 
tactile  keyboard,  and  a  high-resolution  touchpad  or  optical  mouse. 


The  UltraMatrix  E-Series  represents  the  latest  in  KVM  matrix  switch  technology,  at  an 
affordable  price.  The  E-Series  allows  you  to  connect  up  to  256  user  stations  to  as  many  as 
1,000  computers.  The  UltraMatrix  E-Series  is  available  in  several  sizes:  2x4,  2x8,  2x16, 
4x4,  4x8,  4x16,  1x8,  and  1x16  in  either  PC  or  multi-  platform. 
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Power  in  Your  Data 
Center  Cabine  t? 


With  Sentry! 

CDU  Product  Family:  Metered,  Smart  &  Switched 


Server  Technology 

Solutions  for  the  Data  Center  Equipme  Cabinet 

The  Sentry  CDU  distributes  power  for  Blade 
servers  or  up  to  42  dua  power  1U  servers 
in  one  enclosure.  Single  or  3-phase  input 
with  110VAC,  208VAC  or  mixed  110/2Q8VAC 
single-phase  outlet  receptacles. 
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Server  Technology,  Inc. 
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INSTRUMENTS 


How  much  can  your  network  analyzer  handle? 


Observer  is  the  only  fully  distributed  network  analyzer  built 
to  cover  your  entire  network  (LAN,  802.Ha/b/g,  Gigabit,  WAN). 
Download  your  free  Observer  10  evaluation  today  and  experience 
more  real-time  statistics,  more  expert  events  and  more  in-depth 
analysis  letting  you  monitor,  troubleshoot  and  manage  every 
on  your  network  with  one  complete  solution.  Choose  Observer. 


-SECUR  i  tv  conTROL-  Watch  for  virus  and  hack  attacks  to 
quickly  isolate  infected  areas. 


-RLERT  -  Setup  Triggers  and  Alarms  on  any  network  threshold 
and  be  the  first  to  know  of  network  issues. 


-HE  T WORK  OMERLORD-  Monitor  bandwidth  utilization,  access 
point  utilization  rates  and  network  top  talkers  with  Real-Time  Statistics. 


US  &  Canada  toll  free  800.526.5958 
fax  952.932.9545 


UK  &  Europe  +44  (0)  1959  569880 


www.networkinstruments.com/analyze 
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START 

Nothing  gives  you  a  bigger  headache  than  infrastructure  hardware  and 
software  problems  at  the  wrong  time.  Often  these  issues  cost  you  valuable 
system  downtime  and  require  a  site  visit  to  reboot  hardware.  Let  smartSTART 
remote  power  distribution  systems  show  you  the  efficient  way  to  manage  your 
system's  power. 

•  Trusted  by  major  OEM's 

•  Reboot  from  anywhere,  anytime  via  web  or  TCP/IP 
Remote  power  distribution  and  circuit  protection  for  AC  or  -48  VDC 
or +24  VDC  systems 

Auto  reset  circuit  beaker  feature  addresses  no  fault  breaker  trips 
for  DC  systems 

Sequentially  power  on  or  power  off  any  receptacle  or  group  of 
receptacles  for  DC  systems 


SPECTRUM  CONTROL  INC. 
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work  Power  Switches 


Control  Power  on  Any  AC 
Powered  Device ... 

Via  Web  Browser,  Telnet, 
Modem  or  Local  Terminal 


161 


Servers,  routers,  and  other  electronic  equipment  occasionally 
"lock-up",  often  requiring  a  service  call  to  a  remote  site  just  to 
flip  the  power  switch  to  perform  a  simple  reboot.  With  WTI's 
Remote  Power  Switches,  you  can  perform  reboot  and  On/Off 
control  from  anywhere! 


Web  Browser  Access  for  Easy  Setup  and 
Operation 

Encrypted  Password  Security 

Dual  1 5  Amp  Power  Circuits 
Total  30  Amps  Maximum  Load 

1 1 5  VAC  and  230  VAC  Models 
Up  to  Sixteen  (16)  Individual  Outlets 
RS232  Modem  /  Console  Port 
Network  Security  Features 
Power-Up  Sequencing 


Web  Browser  Interface 


Yes,  We  are  Customer  Friendly! 

V  Two  Year  Warranty 
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V  30  Day  Return  Policy 
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Eliminate  your  shop-floor 
PCs  with ... 

Ethernet  Terminals  from 
ComputerWise  connected  to 
your  in-house  LAN. 

Capture  production  data 
directly  into  files  on  your 
server. 


Features  C  Benefits 

•  Interactive  Telnet  Client 

•  TCP/IP  over  10/IOOBaseT  Ethernet 

•  Built-in  Barcode  Badge  Reader 

•  Optional  Mag-Stripe  &  RFID  Badge  Reader 

•  Auxiliary  RS-232  Serial  port 

•  Customizable  Data  Collection 
Program  Included 

.  Larger  keyboard  and 
display  sizes  available 
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Looking  ahead  to  your  next 
network  project? 

Need  information  now? 

Check  out  VENDOR  SOLUTIONS  for  the  most 
comprehensive  information  on  network  IT  products 
and  solutions  for  your  business  including: 

►White  Papers 
►Special  Reports 
►Partner  Sites 
►Webcasts 

►Marketplace  Product  Finder 
Visit  www.networkworld.com/vendorsolutions  today. 
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Reviews  of  dtSearch 

♦“The  most  powerful  document  search  tool  on  the  market”  —  Wired  Magazine 

♦“dtSearch ...  leads  the  market”  —  Network  Computing 
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Stop  jeopardizing  network  performance  and  risking  costly  downtime.  Be  confident  you 
have  maximum  visibility  into  your  full-duplex  links  by  configuring  an  z?TAP  solution  that 
fits  your  network  and  budget.  Visit  www.networkTAPs.com/visibility  today. 
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Google 

continued  from  page  1 

focused  on  our  company  mission 
to  organize  the  world’s  informa¬ 
tion  and  make  it  universally 
accessible  and  useful,”  she  says. 

IT  managers  should  be  watch¬ 
ing  because  “Google  is  coming” 
says  Rob  Enderle,  of  the  Enderle 
Group.  “Google  really  wants  to  be 
the  center  of  communications.  It 
has  grasped  that  as  its  initiative. . . . 
At  some  point  they’ll  be  a  compa¬ 
ny  [IT  managers]  will  want  to 
consider 

Google  seems  to  be  primed  for 
change.  Earlier  this  month,  it 
announced  it  was  filing  for  a  sec¬ 
ond  public  offering,  which,  with  its 
stock  price  now  hovering  around 
$280,  could  raise  about  $4  billion. 
Google  hasn’t  said  what  it  plans  to 
do  with  the  money  Analysts  spec¬ 
ulate  that  the  company,  which 
already  has  deep  pockets  — 
some  $2.9  billion  in  cash  on 
hand,  likely  will  use  the  money  to 
fund  acquisitions. The  idea  would 
be  to  shore  up  its  position  as  it 
takes  on  industry  heavyweights 
Microsoft  and  Yahoo!  on  the  Web 
portal  and  software  side,  as  well  as 
prepare  for  a  possible  battle  with 
telecom  service  providers  such  as 
SBC  and  Comcast. 

Preparing  for  battle 

“Google  is  trying  to  build  up  its 
war  chest  because  it  realizes  it’s 
going  to  war  with  some  pretty  big 
players,”  Enderle  says.“It’s  going  to 
be  rolling  against  some  heavy  hit¬ 
ters  already  in  the  communica¬ 
tions  space,  many  of  them  old 
legacy  companies  like  SBC. ...  So 
they  are  moving  to  build  that  war 
chest  before  they  fully  engage  in 
battle.” 

The  company’s  release  of 
Google  Talk  last  week  illustrates 
the  firm’s  grander  vision.  Google 
Talk  is  an  IM  and  VoIP-based  chat 
service  that  pits  Google  deeper 
into  competition  with  Web  portal 
giants  AOL,  Microsoft  and  Yahoo! 

“I  don’t  want  to  call  it  exactly 
defense,  but  they  are  playing 
catch-up  with  their  competitors 
who  have  this  functionality,  and 
they  now  as  a  media  company  or 
portal  or  however  you  want  to 
characterize  them  really  needed 
to  have  this  piece  to  round  out 
their  product  suite,”  says  Greg 
Sterling,  an  analyst  at  The  Kelsey 
Group. 

Google  says  it  hopes  to  differen¬ 
tiate  itself  from  competitors  by  for¬ 
going  proprietary  code  for  open 


Branching  out 

Online  search  giant  Google  is  moving  into  areas  such  as  VoIP  and  instant  messaging.  A  look  at  how  Google  has  recently  expanded  its  reach: 


August  2004  October  2004  Jan.  18, 2005  May  18, 2005  July  7, 2005 

IPO  at  $85  per  share.  Acquires  Keyhole,  a  digital  Releases  photo  Announces  Google  Desktop  Google  makes  strategic  investment  in  broadband-over-powerline 

I  mapping  company.  management  service.  Search  for  Enterprise. ,  service  provider,  Current  Communications,  i 

I  v  i  1 - — - *  i 


October  2004 

Beta  of  Google 
Desktop  Search. 


_ f  _ 2005  f 

Jan.  13, 2005  I  Jan.  25, 2005 

Unveils  Google  Mini,  a  Launches  Google  Video,  enabling 
search  appliance  for  SMBs,  users  to  search  TV  content. 


June  28,2005 

Rolls  out  Google  Earth, 
a  3-D  mapping  device. 


Aug.  18, 2005 

Files  for  second 
public  offering. 


i * 

Aug.  24, 2005 

Launches  Google  Talk,  an  IM/VolP 
service  for  Gmail  users. 


IM  protocols.  Google  is  latching 
on  to  the  Extensible  Messaging 
and  Presence  Protocol  (XMPP), 
an  open  standard  for  IM  and  pres¬ 
ence  developed  by  the  Jabbar 
Software  Foundation.  It  is  support¬ 
ed  by  Jabber  Open  Source; 
Jabber,  Inc.;  iChat  and  several 
other  programs. 

By  using  an  open  standard, 
Google  will  have  an  instant  com¬ 
munity  of  users  that  adopters  of 
Google  Talk  can  add  to  their 
buddy  lists. 

“Their  strategy  of  picking  the 
XMPP  protocol  and  rallying  all 
the  troops  that  are  not  on  the  pro¬ 
prietary  networks  [such  as  AOL, 
Yahoo  and  MSN]  will  generate  a 
Google  IM  community  in  a  hurryf 
says  Ed  Marshall,  head  of  the 
global  threat  center  at  IMlogic, 
which  develops  security  and 
management  gateways  to  help 
corporate  administrators  control 
consumer  IM  traffic  on  their  net¬ 
works.  “It  will  give  them  a  kick- 
start  to  the  number  of  people  on 
their  network.” 

At  the  same  time,  however, 
Google  Talk  will  introduce  “anoth¬ 
er  variable  into  enterprise  admin- 


Leader  of  the  pack 

While  it  wants  to  expand 
beyond  its  current  role, 
Google  is  king  of  the  online 
search  world. 

July  2005  searches 
Google:  36.5% 

Yahoo!:  30.5% 

MSN-Microsoft:  15.5% 

Time  Warner  Network:  9.9% 

Ask  Jeeves:  6.1% 

InfoSpace  Network:  0.9% 

All  other:  0.6% 

SOURCE:  COMSCORE  QSEARCH 


istrators’  control  and  security 
plans  in  that  they  have  to  factor  in 
another  network,”  Marshall  says. 

An  interesting  aspect  of  the 
Google  Talk  service  is  that  users 
must  have  a  Gmail  account  with 
Google.  Gmail  used  to  be  by  invi¬ 
tation  only,  but  last  week  when 
Google  unveiled  Google  Talk  it 
also  announced  that  anyone  can 
get  a  Gmail  account  as  long  as 
the  user  inputs  a  cell  phone 
number. 

While  Google  says  that  require¬ 
ment  is  to  ensure  the  legitimacy  of 
Gmail  users,  analysts  note  it  also 
suggests  a  broader  plan  to  make 
Google  a  communications  player. 

“Giving  people  access  to  infor¬ 
mation  from  any  location  is  both 
a  worthy  goal  from  the  point  of 
view  of  getting  the  world  hooked 
up,  but  it  also  means  that  it  could 
eventually  add  to  their  revenue,” 
says  Sue  Feldman,  research  vice 
president  of  content  management 
and  retrieval  solutions  at  IDC. 

Today  about  99%  of  Google’s  rev¬ 
enue  comes  from  advertising, with 
the  rest  coming  from  licensing 
and  enterprise  products.  But 
Google  executives  note  in  recent 
financial  filings  that  pressure  from 
competitors  is  slowing  revenue 
growth. 

As  a  result,  the  search  giant  is 
branching  out,  developing  tech¬ 
nology  in  a  range  of  areas,  includ¬ 
ing  communications,  Web  brows¬ 
ing  (earlier  this  year  it  hired  Ben 
Goodger,  one  of  Firefox’s  top  pro¬ 
grammers)  and  applications. 

“Their  desktop  product  has  a 
text  editor,  but  it’s  not  Microsoft 
Word,”  notes  Feldman.  “Are  they 
also  going  in  the  direction  of  tools 
that  create  content?  It’s  an  inter¬ 
esting  thought.” 

Google  hasn’t  been  one  to  stand 
still  since  its  launch  in  1999,  but 
the  recent  flurry  of  activity  has 
industry  observers  abuzz  —  and 
somewhat  confused  —  about 
where  Google  is  heading  next. 


Wade  Phillips,  technology  and  IS 
manager  at  Shakopee  School 
District  in  Minnesota,  says  he  fol¬ 
lows  Google’s  moves  “to  a  point.” 

“They  are  getting  to  a  point  that 
they  are  diversifying  their  offer¬ 
ings  and  products  to  increase 
their  revenues  and  decrease  risk,” 
he  says.'T  would  expect  any  smart, 
successful  company  to  leverage 
their  assets  to  expand.  VoIP  is  a 
very  young  but  growing  market, 
and  with  more  companies 
bundling  services  like  Internet 
access,  video  and  phone  service, 
Google  will  be  the  next  to  jump 
on  the  bandwagon.” 

The  use  of  Google  products  and 
services  in  his  IT  department 
today  remains  limited,  Phillips 
says.  The  school  district  doesn’t 
use  Google’s  enterprise  search 
appliance  but  does  use  its  desktop 
search  application,  for  example. 

As  for  Google’s  move  toward 
telephony  services,  Phillips  says 
he  doesn’t  expect  his  buying 
decisions  to  be  affected  in  the 
short  term.  “Long  term,  it  is  diffi¬ 
cult  to  say.  Things  change  so 
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quicklyf  he  says. 

The  Kelsey  Group’s  Sterling 
expects  to  see  Google  make  a  big¬ 
ger  push  into  the  enterprise. 

“One  of  the  issues  for  the  com¬ 
pany  long  term  is  to  diversify  its 
revenues  beyond  just  ads,” Sterling 
says.  “Enterprise  customers  are 
willing  to  pay  for  these  kinds  of 
products  and  services  if  they  per¬ 
form  well.” 

Diversification  also  was  a  likely 
driver  behind  the  company’s  deci¬ 
sion  in  July  to  make  a  strategic 
investment  in  Current  Communi¬ 
cations  Group,  a  Germantown, 
Md.,  provider  of  broadband-over- 
powerline  services. 

Google  executives  would  not 
comment  on  the  reasoning 
behind  that  investment,  nor 
would  they  comment  on  rumors 
that  the  company  is  buying  up 
dark  fiber  to  ultimately  create  a 
nationwide  broadband  network, 
which  some  speculate  would 
eventually  support  free  Wi-Fi,  as 
well  as  a  plethora  of  multimedia 
services  such  as  on-demand 
television.  ■ 
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BACKSPIN 


Mark  Gibbs 


t  is  said  that  talk  is 
cheap.  Unfortunately  it 
is  not  cheap  enough,  so 
when  we  saw  an  opportuni¬ 
ty  to  save  money  and  get 
better  service  we  switched  all  our  phones  to  Vonage  and 
our  DSL  service  from  a  static  IP  address  to  a  dynamic  one. 
Unfortunately  this  brave  new  world  of  better  service  and 
lower  cost  has  yet  to  materialize. 

Shortly  after  the  DSL  service  change  the  VoIP  service 
started  failing.  I  won’t  tell  you  the  tedious  tale  of  figuring 
out  that  it  wasn’t  Vonage’s  problem,  but  I  finally  deter¬ 
mined  that  our  DSL  service  had  become  unstable. 

So,  today  I  phoned  SBC  (of  course  I  couldn’t  call  them 
using  my  VoIP  service),!  navigated  its  wretched  interactive 
voice  response  (TVR)  front  end  and  enthusiastically 
cursed  whoever  designed  it. 

Actually  it  is  amazing  how  bad  the  majority  of  IVR  sys¬ 
tems  are.  A  great  example  of  an  awful  IVR  system  belongs 
to  the  Albertson’s  supermarket  chain.  Should  you  have  a 
complaint  there’s  a  customer  service  number  on  each 
receipt,  but  just  try  to  get  to  a  human  being.  If  you  don’t 
wind  up  enraged  and  frustrated,  you  are  up  for  sainthood. 

Anyway  back  to  SBC:  After  entering  my  DSL  telephone 
number,  the  number  where  I  could  be  contacted,  my 
weight,  my  height,  my  blood  type  and  finally  dividing  by 
the  first  number  I  thought  of,  1  finally  got  a  level-one  cus¬ 


Talking  to  customer  service 

i 


tomer  service  wonk  in,  I  suspect,  Bangalore. 

Knowing  that  whatever  I  told  the  level-one  wonk  would 
only  result  in  having  to  tell  the  same  story  all  over  again 
to  a  level-two  wonk,  I  simply  requested  a  level-two  wonk 
straight  away  If  you  call  SBC  and  don’t  try  to  jump  up  a 
level,  the  level-one  people  will  simply  follow  their  script 
until  they  hit  a  brick  wall  and  admit  they  can’t  help  you. 
They  will  then  hand  you  over  to  a  level-two  wonk  anyway 
Cut  out  the  middleman  is  my  philosophy.  It  will  shorten 

By  simply  talking  to  the  people 
in  your  organization  who  inter¬ 
act  with  customers  you  can  find 
out  cheaply  how  to  improve  ser¬ 
vice  to  your  market 

your  time  talking  with  SBC  by  up  to  an  hour. 

Even  so,  I  had  to  give  the  level-two  wonk  most  of  the 
same  information  I  had  already  given  to  the  IVR  system. 
Off  went  the  level-two  wonk  to  check  the  line.  “Yep,”  he 
confirmed  a  couple  of  minutes  later,  “there  is  a  problem 
so  we’ll  contact  you  within  the  next  glacial  epoch  and  get 
an  engineer  out  to  you.” 

So,  I’m  waiting.  But  while  I  am,  I’ve  been  pondering  SBC’s 
customer  service  system.  Why  does  its  IVR  system 


demand  data  from  you  before  you  can  get  access  to  any¬ 
one  but  then  fail  to  transfer  that  data  along  with  your  call? 

It  is  not  just  SBC  that  fails  in  this  area;  it  is  a  common 
issue  with  scores  of  companies  large  and  small.  Ask  a  cus¬ 
tomer  service  representative  (CSR)  —  should  you  be 
lucky  enough  to  get  a  warm  body  on  the  line  —  whether 
he  can  pass  a  comment  along  to  management.  Most  CSRs 
will  tell  you  that  they  can’t  because  they  never  actually 
get  to  see  management! 

It  seems  all  that  customer  intelligence  that  CSRs  learn  just 
doesn’t  matter  to  the  guys  in  the  comer  offices.This  is 
incredible!  By  simply  talking  to  the  people  in  your  organiza¬ 
tion  who  interact  with  customers  you  can  find  out  cheaply 
how  to  improve  service  to  your  market  Why  wouldn’t  you 
do  so?  It  can  only  be  attributed  to  laziness  or  ignorance. 

And  1  wonder  if  SBC’s  senior  management  has  ever  had 
to  call  in  and  use  their  own  IVR  services?  If  they  had, 
wouldn’t  you  think  they’d  do  something  about  them?  But 
then  again,  they  also  don’t  talk  to  their  CSRs. 

If  you  are  in  management  and  you  haven’t  tried  it,  talk  to 
your  CSRs  about  your  customers.  It  will  be  some  of  the 
most  profitable  discussion  you  can  have. That  is,  if  you  can 
get  through  your  own  IVR  system. 

Press  backspin@gibbs.com  to  send  a  message  to  me. 
Press,  www.networkworld.com/weblogs/gearblog  to 
check  Gearblog.  Have  a  nice  day. 


OMPENDIUM 


If  jjf  |  Howdy,  neighbor 

*  Those  of  us  old  enough  to  remember  when  14.4K 

bit/sec  modems  were  objects  of  lust  remember  FidoNet, 

v a  pretty  amazing  system  for  relaying  messages  around 
Adam  Gaffin  the  world  at  low  cost  (sort  of  like  UUCP  for  the  vast 

majority  of  us  who  didn’t  work  at  Digital  or  Stanford). 

Neighbornode  seems  to  apply  the  same  basic  technique  to  wireless  access  points, 
using  Linksys  WRT54G  wireless  routers.The  idea  is  to  set  up  a  forum  system  con¬ 
nected  to  a  public  access  point  —  everybody  who  uses  it  can  then  share  their 
thoughts  on,  well,  whatever  (great  for  organizing  block  parties).  And  no  reason  you 
couldn't  attach  a  Webcam  —  voifo,  instant  crime  watch. 

Neighbornodes  are  linked  together,  making  up  a  node  network  to  enable  the  passing 
of  news  and  information  on  a  street-by-street  basis  throughout  the  wider  community. 
With  access  to  your  local  Neighbornode,  you  can  post  messages  to  your  local  group 
board,  as  well  as  forward  messages  to  other  nodes  in  your  vicinity.These  other 
nodes  can  in  turn  forward  messages  to  your  node,  resulting  in  a  network  of  neigh¬ 
borhood  message  boards.  Read  more  at  www.networkworld.com,  DocFinder:  8632. 

From  the  flight  deck 

DanielTaylor  discusses  one  reason  to  continue  banning  cell-phone  use  aboard 
airplanes:  fisticuffs.  His  girlfriend  is  a  flight  attendant  and  he  recounts  a  recent 
incident  in  which  the  chief  flight  attendant  had  to  move  quickly  to  keep  a  fight  from 
erupting  when  one  passenger  not  only  whipped  out  her  cell  phone  for  a  conversa¬ 
tion  as  the  plane  was  about  to  move  to  the  taxiway  but  started  arguing  with  another 
passenger  about  it: 

"Many  passengers  are  anxious  about  flying.  I  mean,  they're  scared  to  fly.  A  lot  of 
these  passengers  drink  to  deal  with  their  anxiety,  so  we  already  have  to  deal  with 
drunk,  anxious  passengers.Throw  in  cell  phones  and  now  we’ll  have  a  cabin  full  of 
drunk,  anxious  people  talking  on  cell  phones.  I  watched  the  passengers  bristle  as  this 
woman  whipped  out  her  phone,  and  I  honestly  cannot  imagine  a  whole  plane  filled  with 
passengers  loudly  talking  to  Aunt  Ethel  about _ “  Read  more  at  DocFinder:  8633. 


Double-edged  Bluetooth 

Thieves  in  England  have  taken  to  cruising  parking  garages  with  Bluetooth  scan¬ 
ners  —  when  they  get  a  hit,  they  break  into  the  car  and  steal  the  laptop  or  ceil  phone 
whose  owner  didn't  realize  he  needed  to  turn  off  the  device,  the  Cambridge  Evening 
News  reports.  Read  the  full  account  at  DocFinder:  8634. 

Hey,  slow  down,  wouldja? 

The  Times  of  London  reports  that  Fujitsu  has  come  out  with  a  wireless  phone  that 
slows  down  the  caller's  speech:  “  By  toggling  a  switch  on  the  side  of  the  phone,  the 
Raku-raku  instantly  converts  all  incoming  voices  to  70%  of  their  usual  speed,  mak¬ 
ing  the  words  much  easier  for  the  listener  to  make  out. 

Why?  Japanese  senior  citizens  complained  that  their  grandchildren  just  talked  too 
fast  on  the  phone.  Might  also  come  in  handy  for  conversations  with  New  Yorkers. 
More  at  DocFinder:  8635. 

A  man’s  network  is  his  castle 

Dave  Piscetello  finds  some  similarities  between  the  way  kings  once  guarded  their 
castles  and  the  way  some  corporations  protect  their  networks:  “A  castle  proved 
very  effective  so  long  as  the  treasures  weren’t  moved  and  the  population  of  the 
kingdom  didn’t  venture  beyond  the  stationary  defenses  their  castles  provided.  But 
for  nobles  and  their  merchants,  travel  was  inevitable  and  communication  with  other 
kingdoms  necessary.  Armed  guards  accompanied  the  noble’s  entourages  and  the 
merchant’s  trade  wagons.  Knights  accompanied  the  wagons  for  added  protection. 
Treasures  were  transported  in  strongboxes.  Private  correspondence  was  sealed  and 
uniquely  imprinted  with  wax  and  chop  (or  signet  ring]. ..."  Read  his  essay  at 
DocFinder:  8636. 

Adam  Gaffin  is  executive  editor  of  NetworkWorld.com.  Read  Compendium  daily  at 
www.networkworld.com/community/?q=compendium.  Paul  McNamara  returns  in 
another  week. 


Digital  audio.  Video.  Records.  Documents.  Whatever  torm  your  information  takes,  IBM  HAS  AN  INFORMATION 
ISlSilHSliiMiiSMSKMUMill  MANAGEMENT  SOLUTION  THAT  CAN  BE  TAILORED  SPECIFICALLY  FOR  YOU.  Based  on  open  standards,  IBM  Content 
Management  middleware,  part  ot  the  IBM  Information  Management  family,  allows  content  to  work  together  seamlessly,  so  employees  can  quickly  get  the  right 
information  at  the  right  time.  Affordable  to  acquire  and  to  manage,  its  modular  construction  means  a  solution  that  can  grow  easily  with  your  business.  Discover 

what  else  IBM  Content  Mana0emenl  can  do  lot  you.  VISIT  ibm.C0M/MIDDLEWARE/CONTENT 
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Fr:  being  alone  with  your  information  management  challenges 


To:  getting  all  the  help  you  need 


EMC  SERVICES  CAN  HELP  YOU  GET  MORE  FROM  YOUR  INFORMATION.  With  EMC,  you  get  the  combined 
expertise  of  over  7,000  consultants,  specializing  in  everything  from  comprehensive  analysis  and  long-term 
planning  to  proven  implementation  and  support.  It’s  the  insight  you  need  to  archive  information  efficiently, 
enable  compliance,  maintain  business  continuity,  and  take  on  new  challenges.  And  it’s  the  first  step  toward 
creating  an  information  lifecycle  management  strategy  that  fits  your  business.  To  put  EMC’s  award-winning 
services  to  work  for  you,  visit  www.EMC.com/services. 

mi 

EMC’,  EMC,  and  where  information  lives  are  registered  trademarks  of  EMC  Corporation.  ©  Copyright  2005  EMC  Corporation.  All  rights  reserved. 


